Vulnerabilities inherent in the NTLM Authentication protocol remains a massive albatross for any Active Directory based Iat infrastructures (about 90% of organizations globally have AD). Most of the sophisticated attacks performed by threat actors leverage NTLM protocol based vulnerabilities and Microsoft has STRUGGLED to get a hand on it!
The post referenced here presents one of the most DETAILED analysis of the latest vulnerabilities found in NTLM and practical mitigation steps, the emphasis here is the word PRACTICAL.
For organizations that are interested in this practical solution, I’ll recommend you evaluate the CrowdStrike Falcon Zero Trust platform (Formerly Preempt Security). Contact us via firstname.lastname@example.org or sign up at www.smsam.net
A MUST read post, https://www.crowdstrike.com/blog/ntlm-keeps-haunting-microsoft/?utm_content=sprout&utm_medium=soc&utm_source=linkedin