alt Hacker NewsThis empowers script kiddies, but not significantly moreso than they already were. Of all the places this is still in use, they've been exposed for years, so this isn't likely to result in a a bunch of new exploitations.
However, it's most likely to be used by governments, with legacy servers that are finicky, with filesharing set up that's impacted other computers configured for compatibility, or legacy ancient network gear or printers.
I wonder who they're pushing around, and what the motivation is?
Replies
It also empowers IT depts and cybersecurity people to be able to easily build a PoC to show why moving on from the deprecated protocol is important. In many white-hat jobs you can't just grab rainbow tables from a torrent, so a resource like this is helpful. For the grays and black hats, they've had access to rainbow tables like this for a very long time, so no change there.
I suspect Mandiant hears a lot of "this is impractical to exploit so we don't care" from their clients. Now they have a compelling rebuttal to that.
Mandiant is Google's incident response consulting business. Having worked for many years in that field myself (though not for Mandiant), they're probably sick of going to the same old engagements where companies have been getting owned the same way over and over again for the last 15 years.
What releases like this do is give IT ops people the ammunition they need to convince their leadership to actually spend some money on fixing systemic security problems.