{"id":60019,"date":"2026-01-18T23:57:05","date_gmt":"2026-01-18T23:57:05","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/"},"modified":"2026-01-18T23:57:05","modified_gmt":"2026-01-18T23:57:05","slug":"mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/","title":{"rendered":"Mandiant releases quick credential cracker, to hasten the death of a bad protocol"},"content":{"rendered":"<p><span class=\"label\">Infosec In Brief<\/span> PLUS: Google\u2019s security outfit Mandiant last week released tools that can crack credentials in 12 hours, in the hope that doing so will accelerate the death of an ancient Microsoft security protocol.<\/p>\n<p>As explained in a Mandiant <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/net-ntlmv1-deprecation-rainbow-tables\/\">post<\/a>, for over 20 years researchers have known that Microsoft\u2019s Net-NTLMv1 legacy authentication protocol exposes users to credential theft. Yet it\u2019s still out there.<\/p>\n<p>Mandiant therefore released rainbow tables it says allow security pros to easily demonstrate the weakness of Net-NTLMv1.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,dmpu,\" data-sm=\",fluid,mpu,dmpu,\" data-md=\",fluid,mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>\u201cThe release of this dataset allows defenders and researchers to recover keys in under 12 hours using consumer hardware costing less than $600 USD,\u201d Mandiant\u2019s principal red team consultant Nic Losby wrote last week.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>Losby\u2019s post explains how to use the dataset, and concludes \u201cOrganizations should immediately disable the use of Net-NTLMv1.\u201d<\/p>\n<p><i>The Register<\/i> offered similar advice \u2013 in <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.theregister.com\/2010\/08\/12\/ntlm_authentication_still_vulnerable\/?_gl=1*w0j04*_ga*MTI0MjE1MDMxNS4xNzE5OTg5NTg5*_ga_JXW44Y23NM*czE3Njg3Nzg3NTEkbzE3NzkkZzEkdDE3Njg3Nzg3NjQkajQ3JGwwJGgw\">2010<\/a> \u2013 underlining the bizarre persistence of Net-NTLMv1<\/p>\n<h3 class=\"crosshead\">16 years jail for sailor who sold secrets to China<\/h3>\n<p>A US District court last week sentenced a US Navy sailor <a href=\"https:\/\/www.theregister.com\/2023\/10\/11\/us_navy_china_spy\/\">convicted<\/a> of selling secrets to China to 16 years and eight months of prison time.<\/p>\n<p>The court last year convicted Wei of six espionage-related charges, stemming from the sale of technical manuals and operational information to a Chinese intelligence official between 2022 and 2023. According to the Department of Justice&#8217;s note on his sentencing, he earned around $12,000 for his spying activities.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,dmpu,\" data-sm=\",fluid,mpu,dmpu,\" data-md=\",fluid,mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The DoJ claimed Wei knew his activities were wrong and confided with a fellow sailor that he thought he was being solicited by Chinese intelligence, but did not break off contact with his Chinese handler.<\/p>\n<h3 class=\"crosshead\">Supreme Court hacker pleads guilty<\/h3>\n<p>Nicholas Moore, 24, of Springfield, Tennessee, last week <a href=\"https:\/\/www.justice.gov\/usao-dc\/pr\/tennessee-man-pleads-hacking-us-supreme-court-americorps-and-va-health-system\" rel=\"nofollow\">pleaded guilty<\/a> to hacking the US Supreme Court\u2019s electronic document filing system.<\/p>\n<p>Per court <a href=\"https:\/\/www.documentcloud.org\/documents\/26471476-usa-v-moore-2\/\" rel=\"nofollow\">documents<\/a>, Nicholas Moore spent 25 days illegally accessing the SCOTUS filing system in 2023, earning him a charge of computer fraud. Additional information regarding the case, including what Moore may have done inside the system, hasn&#8217;t been made public.<\/p>\n<p>US electronic court systems have been compromised on numerous occasions in recent years, most recently by supposed Russian hackers who were <a href=\"https:\/\/www.theregister.com\/2025\/08\/14\/law_and_water_russia_blamed\/\">accused<\/a> of attacking the decades-old (and boy does it show) Public Access to Court Electronic Records (PACER) system last year.<\/p>\n<p>Moore, who was charged under <a href=\"https:\/\/www.law.cornell.edu\/uscode\/text\/18\/1030#:~:text=intentionally%20accesses%20a%20computer%20without%20authorization%20or%20exceeds%20authorized%20access%2C%20and%20thereby%20obtains%E2%80%94\" rel=\"nofollow\">18 USC 1030(a)(2)<\/a>, could face up to a decade in prison, plus fines.<\/p>\n<h3 class=\"crosshead\">Nigerian &#8216;Black Axe&#8217; gang busted again<\/h3>\n<p>It&#8217;s been three years since the Nigeria-based crime syndicate Black Axe was last busted by Interpol, but the cross-border police organization recently <a href=\"https:\/\/www.europol.europa.eu\/media-press\/newsroom\/news\/34-arrests-in-spain-during-action-against-black-axe-criminal-organisation\" rel=\"nofollow\">reported<\/a> apprehending 34 individuals in Spain.<\/p>\n<p>Black Axe is known to engage in various types of crime, both virtually and in the physical world, involving cyber-enabled fraud, drug and human trafficking, and even armed robbery.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Interpol believes Black Axe has around 30,000 members, plus &#8221; countless affiliated individuals.&#8221; While Interpol said 10 of its recent arrests involved members of the gang\u2019s &#8220;core group&#8221; from Nigeria, the sheer numbers of Black Axe actors mean recent arrests are a pinprick.<\/p>\n<p>The group has been busted twice previously in recent years, with <a href=\"https:\/\/www.theregister.com\/2022\/10\/17\/interpol_black_axe_fraud\/\">75 arrests<\/a> in 2022 and <a href=\"https:\/\/www.theregister.com\/2023\/08\/20\/interpol_africa_arrests\/\">14 more apprehensions<\/a> in 2023.<\/p>\n<h3 class=\"crosshead\">Bill seeks to melt ICE\u2019s apps<\/h3>\n<p>US lawmakers are trying to set new rules that would limit the US Immigration and Customs Enforcement\u2019s (ICE\u2019s) ability to use a mobile app used to identify suspects and protestors.<\/p>\n<p>A bill backed by six Democratic House members, led by Committee on Homeland Security ranking member Bennie Thompson (D-MS), would restrict use of ICE&#8217;s <a href=\"https:\/\/www.theregister.com\/2025\/09\/15\/cbp_has_deployed_billions_in\/\">Mobile Fortify<\/a> app to ports of entry to the USA. As it stands now, ICE agents use the app during many operations, which Democrats believe enables violations of civil liberties.<\/p>\n<p>&#8220;When ICE claims that an image it snaps and runs through an unproven app can be enough evidence to detain people for possible deportation, no one is safe,&#8221; <a href=\"https:\/\/democrats-homeland.house.gov\/news\/legislation\/ranking-member-thompson-introduces-legislation-to-curb-unchecked-dhs-mobile-biometric-surveillance-and-protect-privacy-of-american-citizens\" rel=\"nofollow\">said<\/a> Thompson.<\/p>\n<p>ICE also uses other tracking technology, including license plate reading cameras, to <a href=\"https:\/\/www.theregister.com\/2026\/01\/09\/hackers_fight_back_against_ice\/\">surveil both immigrants and US citizens alike<\/a>.<\/p>\n<p>The bill also prohibits the Department of Homeland Security, ICE\u2019s parent agency, from sharing the app outside its own ranks.<\/p>\n<p>The bill would also require the Department to make the app inoperable on non-DHS systems \u2013 such as personal devices owned by ICE agents \u2013 and require ICE to delete all images, photographs, and fingerprints of US citizens previously captured by the app. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2026\/01\/18\/infosec_news_in_brief\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>PLUS: Navy spy sent to brig for 200 months in brig; Black Axe busted again; Bill aims to crimp ICE apps; and more Infosec In Brief\u00a0 PLUS: Google\u2019s security outfit Mandiant last week released tools that can crack credentials in 12 hours, in the hope that doing so will accelerate the death of an ancient Microsoft security protocol.\u2026  READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-60019","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Mandiant releases quick credential cracker, to hasten the death of a bad protocol 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Mandiant releases quick credential cracker, to hasten the death of a bad protocol 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-18T23:57:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Mandiant releases quick credential cracker, to hasten the death of a bad protocol\",\"datePublished\":\"2026-01-18T23:57:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\\\/\"},\"wordCount\":725,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\\\/\",\"name\":\"Mandiant releases quick credential cracker, to hasten the death of a bad protocol 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2026-01-18T23:57:05+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Mandiant releases quick credential cracker, to hasten the death of a bad protocol\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Mandiant releases quick credential cracker, to hasten the death of a bad protocol 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/","og_locale":"en_US","og_type":"article","og_title":"Mandiant releases quick credential cracker, to hasten the death of a bad protocol 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2026-01-18T23:57:05+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Mandiant releases quick credential cracker, to hasten the death of a bad protocol","datePublished":"2026-01-18T23:57:05+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/"},"wordCount":725,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/","url":"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/","name":"Mandiant releases quick credential cracker, to hasten the death of a bad protocol 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2026-01-18T23:57:05+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aW1-FmlojdTE_UBpo3G1ZwAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/mandiant-releases-quick-credential-cracker-to-hasten-the-death-of-a-bad-protocol\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Mandiant releases quick credential cracker, to hasten the death of a bad protocol"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/60019","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=60019"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/60019\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=60019"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=60019"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=60019"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}