NTLM has three versions - NTLMv1, NTLMv2 and NTLMv2 Session Security. NTLMv2 is supposed to offer better security than its previous version, and to some extent it does provides better defense against relay and brute force attacks, but does not completely block them. NTLMv2 Session Security is a session security protocol that can be used in conjunction with NTLMv1 or NTLMv2 to provide additional security.

India tops the world’s population with 1.4 billion people. Sixty percent of that population fall under the working age group, which is expected to increase over the next decade. The world’s eyes are on India, as the country sees a fair amount of digitization among all tiers of its cities.

Sniper Dz targets social media and online services, Elastic Security Labs releases its 2024 Global Threat Report, and Andariel launches financial attacks against U.S. organizations.

The need for an iron-clad email security solution is once again making headlines. On October 3,the US Department of Justice (DoJ) reported that, working with Trustwave partner Microsoft, it had disrupted a Russian government-based scheme to steal Americans’ sensitive information, using seemingly legitimate email accounts to trick victims into revealing account credentials.

App-to-App SSO enables users to securely access multiple applications using a single set of credentials, simplifying the login process and enhancing user experience across platforms.

Discover the top 10 best practices for Privileged Access Management in 2024 to secure your critical systems and data. Learn expert tips now!

Enhance security and convenience with Website SSO, allowing seamless access to multiple apps using a single login. Simplify access for your organization today!

In today’s increasingly complex and evolving threat landscape, Security Operations Centers (SOCs) have become the nerve center for protecting critical national and local government assets. Building and maintaining an in-house SOC is often beyond the reach of many government agencies due to budget constraints, the need for skilled personnel, and the rapid growth of cyber threats.

CVE-2024-45409 is a critical vulnerability in the Ruby-SAML (affecting versions up to 12.2 and from 1.13.0 to 1.16.0) and OmniAuth SAML libraries. It hence effectively poses a security risk for unpatched versions of GitLab (read more on the GitLab blog). This vulnerability arises from improper verification of the SAML Response signature. An attacker with access to any signed SAML document can forge a SAML Response or Assertion with arbitrary contents.