Microsoft has enabled a preview feature by default in the latest Windows 11 Dev Channel build 25206. It is related to improving the security of SMB NTLM authentication and reducing attack surfaces.
Ntlm RSS
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is no longer recommending the installation of May Patch Tuesday updates on Domain Controllers because of authentication issues.
Microsoft has released a new Windows Server preview build 25075 today to Insiders. The new build brings an SMB NTLM authentication limiting feature that makes brute-force exploits very challenging.
A new Local Privilege Escalation bug affecting all prevalent versions of Windows OS has received unofficial patches from 0Patch after Microsoft refused to fix the NTLM authenticating protocol.
A new finding by a security researcher suggests that specially crafted Windows 10 themes files can be used to redirect users to an authentication-required site to steal their Microsoft credentials.
A security engineer has discovered a method to steal login credentials from Windows and Mac computers by simply using a Linux-powered USB minicomputer, disguising the device as an Ethernet adapter.