ITSEC Newsletter 2026-02-26

Author

Henrik Falk
February 26, 2026

Paged Out! #8

We definitely have to keep meeting like this! As per tradition, we have hit another milestone between the last issue and this one, and yeah, it’s a big one. The number of total downloads of our issues passed one million! That number is high enough to fry even the most advanced botboard. And the best thing - that number increases every single day!

pagedout.institute/download/PagedOut_008.pdf

Building a Detection Foundation: Part 1 - The Single-Source Problem

Here's the thing about relying solely on EDR: attackers know you're relying on it too. I've worked cases where the adversary's first move after getting a foothold was to tamper with or disable the EDR agent. They're not subtle about it anymore - they bring their own tools specifically designed to blind your visibility. Let me share a war story that illustrates exactly why this matters.

trustedsec.com/blog/building-a-detection-foundation-part-1-the-single-source-problem

Digital Forensics: How Hackers Defeat Microsoft’s 2026 NTLM Patch

With the upcoming updates rolling out through 2026, Microsoft is moving fully toward Kerberos as the primary authentication mechanism. Kerberos is significantly stronger by design, relying on time-based tickets, mutual authentication, and stronger cryptographic primitives. However, as with any complex protocol, Kerberos has its own weaknesses. Today we will explore this topic from both an offensive and defensive perspective.

hackers-arise.com/digital-forensics-how-hackers-defeat-microsofts-2026-ntlm-patch