Outlook Vulnerability Unveils NTLM Risks

January 19, 2024

Varonis Threat Labs has uncovered a significant cybersecurity threat involving a new Outlook vulnerability (CVE-2023-35636) and three methods to access NTLM v2 hashed passwords. The vulnerability, affecting Microsoft Outlook, Windows Performance Analyzer (WPA), and Windows File Explorer, exposes users to offline brute-force and authentication relay attacks. Despite Varonis notifying Microsoft and subsequent patches for WPA and Windows File Explorer, the Outlook exploit (CVE-2023-35636) remains a concern for unpatched systems.

CVE-2023-35636 exploits the calendar sharing function in Outlook, allowing threat actors to intercept NTLM v2 hashes by manipulating email headers. Attackers can then use these hashes in offline brute-force attacks or authentication relays, posing a serious security risk. Following the disclosure, Microsoft rated the WPA and Windows File Explorer vulnerabilities as “moderate severity”, while the Outlook exploit received an “important” rating with a severity score of 6.5. Microsoft issued a patch for CVE-2023-35636 on December 12, 2023, emphasizing the urgency of system updates.

The outlined attack scenarios detail how threat actors can exploit Outlook’s calendar sharing feature, URI handlers, and Windows File Explorer to obtain NTLM v2 hashes. These attacks involve crafting malicious emails, utilizing URI handlers with WPA, and exploiting Windows File Explorer’s search functionality. The potential compromise of NTLM v2 hashes underscores the critical need for organizations and individuals to implement protective measures. While Microsoft’s patches address specific vulnerabilities, safeguarding against NTLM v2 attacks requires broader strategies such as implementing SMB signing, blocking outgoing NTLM v2, and prioritizing Kerberos authentication over NTLM v2 on both network and application levels.
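
As an added example (not part of the original alert or of Varonis' research), the following read-only PowerShell audit checks a Windows host for the broader mitigations listed above. It assumes the standard registry locations behind the "Microsoft network client/server: Digitally sign communications (always)" and "Restrict NTLM: Outgoing NTLM traffic to remote servers" policies; preferring Kerberos has no single switch, so the script lists audited outgoing NTLM events instead.

```powershell
# Added example: read-only audit of the NTLM hardening settings named in the alert.
# Run in an elevated PowerShell session on the Windows host being reviewed.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent, i.e. the OS default applies.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

$svc = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$msv = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'

$checks = @(
    @{ Setting = 'SMB client signing required'
       Value   = Get-RegValue "$svc\LanmanWorkstation\Parameters" 'RequireSecuritySignature'
       Want    = 1 },
    @{ Setting = 'SMB server signing required'
       Value   = Get-RegValue "$svc\LanmanServer\Parameters" 'RequireSecuritySignature'
       Want    = 1 },
    # RestrictSendingNTLMTraffic: 0 = allow all, 1 = audit all, 2 = deny all
    @{ Setting = 'Outgoing NTLM blocked'
       Value   = Get-RegValue $msv 'RestrictSendingNTLMTraffic'
       Want    = 2 }
)

$report = foreach ($c in $checks) {
    [pscustomobject]@{
        Setting = $c.Setting
        Value   = if ($null -eq $c.Value) { '(not set)' } else { $c.Value }
        Status  = if ($c.Value -eq $c.Want) { 'OK' } else { 'REVIEW' }
    }
}
$report | Format-Table -AutoSize

# With RestrictSendingNTLMTraffic = 1 (audit), event 8001 in the NTLM operational
# log records each outgoing NTLM attempt that a deny policy would block. Reviewing
# these shows which services still depend on NTLM and should move to Kerberos
# before the setting is raised to 2.
Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-NTLM/Operational'
        Id      = 8001
    } -MaxEvents 50 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message |
    Format-List
```

A `REVIEW` status on the outgoing NTLM row with a value of 1 means the host is only auditing; enforce the deny setting once the 8001 events show no required NTLM dependencies.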

Reference:
  • Outlook Vulnerability NTLM Hashes Exposed Security Risk Heightens

Tags: Cyber Alert, Cyber Alerts 2024, Cyber Risk, Cyber threat, January 2024, Microsoft Outlook, Varonis Threat Labs, Windows File Explorer, Windows Performance Analyzer, WPA