I have a couple Intranet "applications" that use NTLM authentication to grab the user's login name, and then use that to retrieve their info from a database (everyone's on NT and IE). I've done this ...

Microsoft added a new security feature to Windows 11 that lets admins block NTLM over SMB to prevent pass-the-hash, NTLM relay, or password-cracking attacks. This will modify the legacy approach where ...

Microsoft has officially deprecated NTLM authentication on Windows and Windows servers, stating that developers should transition to Kerberos or Negotiation authentication to prevent problems in the ...

Back in October last year, Microsoft expressed its desire to eventually disable NTLM authentication. The company on its official website has updated the list of deprecated Windows features where it ...

Multiple attackers are actively exploiting a recently patched Windows vulnerability that exposes authentication credentials, despite Microsoft releasing a fix for it in March. CVE-2025-24054 is an ...

I have a software vendor installing an application on a server in my domain and they're requesting that NTLM authentication be disabled on the server. I'm still trying to get a clear explanation of ...

Attackers can intercept legitimate Active Directory authentication requests to gain access to systems. A PetitPotam attack could allow takeover of entire Windows domains. Microsoft Active Directory ...

Microsoft Improves Windows Security with a Path to Move Off NTLM Your email has been sent It’s time to stop relying on the insecure authentication protocol built into Windows. Microsoft is making it ...

The path to eradicating this ancient protocol and security sinkhole won’t be easy, but the time has come for its complete eradication. Microsoft has hinted at a possible end to NTLM a few times, but ...

Security researcher Filip Dragovic published a new DFSCoerce Windows NTLM relay attack that uses MS-DFSNM (Microsoft’s Distributed File System) to take over Windows domains. Dragovic unveiled the ...