Tag

Ntlmv1

All articles tagged with #ntlmv1

Public Rainbow Tables Sharpen NTLMv1 Attacks, Prompting Urgent Remediation
cyber-security, 1 month ago

Mandiant publicly released Net-NTLMv1 rainbow tables, making NTLMv1 hash cracking practical with modest hardware and lowering barriers for admin-level credential compromise. The dataset, hosted via Google Cloud, underscores the urgent need to disable Net-NTLMv1 and migrate to NTLMv2; organizations should monitor for LM/NTLMv1 usage in Windows Event logs (e.g., Event ID 4624) and implement robust detection and remediation to prevent post-compromise downgrades and broader AD compromise (e.g., DCSync attacks).

NTLMv1 rainbow table could crack admin passwords in hours, pressuring migration
security, 1 month ago

Mandiant released a Google Cloud-hosted rainbow table for Net-NTLMv1 that can recover admin passwords in under 12 hours on consumer hardware, highlighting NTLMv1’s weak keyspace and its continued use in sensitive networks. While meant to aid defenders in proving NTLMv1’s insecurity and pushing migration, the table also lowers barriers for attackers when paired with tools like Responder, PetitPotam, and DFSCoerce. Microsoft deprecated NTLMv1, and organizations are urged to disable Net-NTLMv1 despite legacy-application constraints.