Featured post

Raccoon Rescue - Bubble Shooter

on
Raccoon Rescue - Bubble Shooter Swister Inc. Puzzle Brain Games Download Now Raccoon Bubble Shooter You will have a lot of fun while playing this game and you can play everywhere. Your main mission blow up bubbles and collect as many points as you can. How many bubbles will you blow in a shot? Come on it's your turn. You can play it at the home, in the car or whenever you want. All you need to do, download to your phone. Shoot the same color bubbles and raise your level. Each higher level is more difficult and more fun. Acquire new skills and blow more bubbles. This game will tired you and will entertain you. Sometimes you will be forced and sometimes you will win instantly. But you'll have a lot of fun each time. You can play Raccoon Bubble Shoter with any smartphone and you can play anywhere. Fun is in your hands now. Download open, and play. Download Now Download Now Bubbles Waiting For You This game is very popular among the games of sh

Your Windows Login Details Can Be Stolen By Hackers

on


From time to time, the security researchers continue to make us realize that Windows operating system is full of loopholes that can be exploited by hackers to steal our data. One such vulnerability was patched by Redmond in recent patch Tuesday.
This patch deals with a dangerous attack that could help an attacker to steal Windows NTLM password hashes remotely and freeze the vulnerable machine.

It’s worth noting that the issues related to Microsoft NTLM architecture are widely known. However, such an exploitation attempt demands user intervention or traffic interception. In the latest attack vector, no user interaction is required, and the task is completed remotely.

To carry out this Windows NTLM attack, the notorious actor needs to put a malicious SCF file in a publicly shared Windows folder. Having a public folder with no password protection is common in almost all Windows environments.

Once it’s done, a mysterious bug helps the attacker collect target’s NTLM password hash and upload it the pre-configured server. There are many free software available which could be later used to crack the hashes and gain access to the computer.

This Windows NTLM attack was exposed by Juan Diego, a Columbia-based security researcher. He reported the issue to Microsoft long back in April, and it got patched after 148 days in the form of security advisory ADV170014.

To patch this flaw, Microsoft has changed two registry keys to disable NTLM on the system. However, as these keys are available only on Windows 10 and Windows Server 2016, these are the only versions that are being patched.

It should also be highlighted that the cause of the hack still remains unexplained. Talking to Bleeping Computer, Diego said that Microsoft has been very secretive about the underlying trigger.

The users are advised to apply this patch as it’s expected to fix other pass-the-hash exploits as well. Also, don’t share folders without passwords, it’s not worth the risk.