Tough love campaign is the latest attempt to kill a zombie Microsoft protocol that won’t die.

CSO Online offers insights into cybersecurity, risk management, and IT leadership, providing articles, reports, and expert analysis to help security professionals navigate the evolving threat landscape and protect their organizations from cyber attacks. By exploring CSO Online's curated content, CISOs, security managers, and IT executives can learn about threat intelligence, security frameworks, and incident response strategies for building resilient cybersecurity programs. Whether you're defending against ransomware, phishing attacks, or insider threats, CSO Online offers resources to strengthen your security posture and safeguard your digital assets.

CSO Online

Google's Mandiant released a pre-computed rainbow table that makes cracking NTLMv1 authentication credentials trivial, allowing recovery of keys in 12 hours using a $600 computer. This controversial move aims to force organizations to finally abandon the insecure 1990s protocol that remains prevalent despite decades of warnings. NTLMv1, based on 1980s DES encryption and replaced by Kerberos in 1996, persists as a legacy fallback in Windows environments, often hidden in third-party firmware like printers. Attackers actively exploit it through phishing and relay attacks. Microsoft recently removed NTLMv1 support from Windows Server 2025 and Windows 11, but many organizations still unknowingly run it in their networks.

Mandiant pushes organizations to dump insecure NTLMv1 by releasing a way to crack it