One Article Review
| Source |  Microsoft |
|---|---|
| Identifiant | 8622420 |
| Date de publication | 2024-12-09 00:00:00 (vue: 2024-12-09 20:07:56) |
| Titre | Mitigating NTLM Relay Attacks by Default |
| Texte | Introduction In February 2024, we released an update to Exchange Server which contained a security improvement referenced by CVE-2024-21410 that enabled Extended Protection for Authentication (EPA) by default for new and existing installs of Exchange 2019. While we\'re currently unaware of any active threat campaigns involving NTLM relaying attacks against Exchange, we have observed threat actors exploiting this vector in the past.
Introduction In February 2024, we released an update to Exchange Server which contained a security improvement referenced by CVE-2024-21410 that enabled Extended Protection for Authentication (EPA) by default for new and existing installs of Exchange 2019. While we\'re currently unaware of any active threat campaigns involving NTLM relaying attacks against Exchange, we have observed threat actors exploiting this vector in the past. |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | 2019 2024 21410 active actors against any attacks authentication campaigns contained currently cve default enabled epa exchange existing exploiting extended february have improvement installs introduction involving mitigating new ntlm observed past protection referenced relay relaying released security server threat unaware update vector which |
| Tags | Threat |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.