all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords

Add to bookmarks
Jan. 29, 2024, 1:31 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file.
The issue, tracked as CVE-2023-35636 (CVSS score: 6.5), was addressed by the tech giant as part of its Patch Tuesday updates for December 2023.
"In an email attack scenario, an attacker could exploit the

access cve cve-2023-35636 cvss cvss score exploited file flaw giant issue lan leak manager microsoft microsoft outlook ntlm outlook passwords patch patch tuesday patch tuesday updates researchers score security security flaw tech threat threat actors tuesday uncover updates vulnerability

Visit resource

More from thehackernews.com / The Hacker News

AI Company Hugging Face Notifies Users of Suspected Unauthorized Access 1 day, 3 hours ago | thehackernews.com
access advisory artificial artificial intelligence +9
Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S. 1 day, 17 hours ago | thehackernews.com
access attack bricked cyber +12
Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices 1 day, 21 hours ago | thehackernews.com
attacks critical critical systems cyber +18
Beyond Threat Detection – A Race to Digital Security 1 day, 23 hours ago | thehackernews.com
attack attack surface benefits beyond +15
Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting 2 days ago | thehackernews.com
actor apt28 bear blizzard +24
OpenAI, Meta, TikTok Disrupt Multiple AI-Powered Disinformation Campaigns 2 days, 2 hours ago | thehackernews.com
abuse ai-powered artificial artificial intelligence +21
CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw 2 days, 17 hours ago | thehackernews.com
actively exploited agency alerts bug +34
FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine 2 days, 18 hours ago | thehackernews.com
access actor anxiety called +20
Cyber Espionage Alert: LilacSquid Targets IT, Energy, and Pharma Sectors 2 days, 19 hours ago | thehackernews.com
access actor alert asia +23

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com