Information securityfromComputerworld1 week agoMandiant pushes organizations to dump insecure NTLMv1 by releasing a way to crack itOrganizations keep NTLMv1 enabled to avoid breaking legacy applications, creating a high-risk attack surface that must be scanned for and removed.
Information securityfromArs Technica1 week agoMandiant releases rainbow table that cracks weak admin password in 12 hoursNTLMv1 is an insecure legacy Windows authentication protocol still widely used and vulnerable to trivial credential theft via known-plaintext and rainbow-table attacks.