New critical NTLM flows avoid all of Microsoft’s mitigations

A lot of the folks in /r/netsec are from the security industry, pen-testers, auditors, security engineers etc. These kinds of professions usually require a lot of travel to different clients, which results in hand-on experience on different and unique environments.

What we see a lot is NTLM being used for AD user authentication, from time to time we will see Kerberos implementation, but it is very trivial to force clients to fall-back to NTLM.


Leave a Reply