ntlm (2)

13411689667?profile=RESIZE_400xSilverfort has discovered that a misconfiguration can bypass an Active Directory Group Policy designed to disable NTLMv1, allowing NTLMv1 authentications to persist. Microsoft announced the full decommission of NTLMv1 from Windows 2025.  Unified Identity Security company Silverfort has discovered a security vulnerability involving a misconfiguration in Active Directory.  This vulnerability allows NTLMv1 authentication to persist despite attempts to disable it through Group Policy.

NTLMv1 is an o

13349566864?profile=RESIZE_400xIn February 2024, Microsoft released an update to Exchange Server which contained a security improvement referenced by CVE-2024-21410 that enabled Extended Protection for Authentication (EPA) by default for new and existing installs of Exchange 2019.  While we’re currently unaware of any active threat campaigns involving NTLM relaying attacks against Exchange, we have observed threat actors exploiting this vector in the past. 

With the release of Windows Server 2025 earlier this month, we releas