Bleeping Computer

New Windows zero-day exposes NTLM credentials, gets unofficial patch

A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. The flaw was ...
Bleeping Computer

New Windows Themes zero-day gets free, unofficial patches

Free unofficial patches are now available for a new Windows Themes zero-day vulnerability that allows attackers to steal a target's NTLM credentials remotely. NTLM has been extensively exploited in ...

Microsoft’s Patch Tuesday: About 80 Vulnerabilities Patched

An elevation of privilege vulnerability in the Windows NTLM authentication protocol and a flaw in Office’s Preview Pain are among the most important to patch.
CRN

Clorox Sues Cognizant For Allegedly Providing Network Credentials Without Authentication

Clorox is suing its longtime solution provider Cognizant, alleging it allowed a cybercriminal to enter its network by providing the needed credentials over the phone without authenticating who the ...

How weak passwords and other failings led to catastrophic breach of Ascension

“Fundamentally, the issue that leads to Kerberoasting is bad passwords,” Tim Medin, the researcher who coined the term ...

US petition calls for free security updates for Windows 10

Consumer protection organizations warn: never have so many computers been cut off from security updates as after the end of ...
ZDNet

Microsoft patches more than 100 Windows security flaws - update your PC now

The August Patch Tuesday update for Windows fixes 107 security flaws. Among all the security flaws, 13 are ranked as critical. Also adds the new Black Screen of Death and Quick Machine Recovery.