
Outlook Vulnerability Unveils NTLM Risks

January 19, 2024

Varonis Threat Labs has uncovered a significant cybersecurity threat involving a new Outlook vulnerability (CVE-2023-35636) and three methods to access NTLM v2 hashed passwords. The vulnerability, affecting Microsoft Outlook, Windows Performance Analyzer (WPA), and Windows File Explorer, exposes users to offline brute-force and authentication relay attacks. Despite Varonis notifying Microsoft and subsequent patches for WPA and Windows File Explorer, the Outlook exploit (CVE-2023-35636) remains a concern for unpatched systems.

CVE-2023-35636 is a flaw in Outlook’s calendar sharing function that allows threat actors to intercept NTLM v2 hashes by manipulating email headers. Attackers can use these hashes in offline brute-force attacks or authentication relays, posing a serious security risk. Following the disclosure, Microsoft categorized the WPA and Windows File Explorer vulnerabilities as “moderate severity”, while the Outlook exploit received an “important” rating with a 6.5 severity level. Microsoft issued a patch for CVE-2023-35636 on December 12, 2023, emphasizing the urgency of system updates.

The outlined attack scenarios detail how threat actors can exploit Outlook’s calendar sharing feature, URI handlers, and Windows File Explorer to obtain NTLM v2 hashes. These attacks involve crafting malicious emails, utilizing URI handlers with WPA, and exploiting Windows File Explorer’s search functionality. The potential compromise of NTLM v2 hashes underscores the critical need for organizations and individuals to implement protective measures. While Microsoft’s patches address specific vulnerabilities, safeguarding against NTLM v2 attacks requires broader strategies such as implementing SMB signing, blocking outgoing NTLM v2, and prioritizing Kerberos authentication over NTLM v2 on both network and application levels.
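
The following read-only audit is an added example, not part of the original alert or of Varonis's or Microsoft's guidance. It checks a Windows host for the SMB signing and outgoing-NTLM settings named above, assuming the standard local policy registry locations. Prioritizing Kerberos has no single registry value and is not checked here.

```powershell
# Added example: read-only audit of the NTLM hardening settings named above.
# Assumes the standard Windows registry locations for these policies.
# Note: RestrictSendingNTLMTraffic governs all outgoing NTLM, not only NTLM v2
# (0 = allow all, 1 = audit all, 2 = deny all).

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent (policy not configured).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { return $item.$Name }
    return $null
}

$checks = @(
    @{ Setting = 'SMB client requires signing'
       Path    = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters'
       Name    = 'RequireSecuritySignature'; Want = 1 },
    @{ Setting = 'SMB server requires signing'
       Path    = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
       Name    = 'RequireSecuritySignature'; Want = 1 },
    @{ Setting = 'Outgoing NTLM to remote servers denied'
       Path    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
       Name    = 'RestrictSendingNTLMTraffic'; Want = 2 }
)

# Build one result row per setting; an unset value counts as a failure.
$report = foreach ($c in $checks) {
    $actual = Get-RegValue -Path $c.Path -Name $c.Name
    [pscustomobject]@{
        Setting  = $c.Setting
        Expected = $c.Want
        Actual   = if ($null -eq $actual) { 'not set' } else { $actual }
        Pass     = ($actual -eq $c.Want)
    }
}

$report | Format-Table -AutoSize
```

A value of 1 for `RestrictSendingNTLMTraffic` (audit only) is reported as a failure here, although it is the usual intermediate step for finding NTLM dependencies before moving to deny.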

Reference:
  • Outlook Vulnerability NTLM Hashes Exposed Security Risk Heightens

    © 2025 | CyberMaterial | All rights reserved
