
Packet Protector PP096: Taking Note of a Notepad++ Attack; Telnet and NTLM Are Still a Thing?
Feb 10, 2026
A roundup of high-risk supply-chain and software compromises, including a Notepad++ hosting breach and remediation steps. Discussion of a decade-old Telnet exploit targeting internet-facing devices. Coverage of Microsoft’s multi-year plan to retire NTLM and migration suggestions. Reports on voice-phishing toolkits that relay MFA, shadow AI risks from unapproved tools, and exposed API tokens fueling attacks.
AI Snips
Harden OT Edge Devices And Enforce MFA
- Enforce MFA on VPN concentrators and avoid password reuse to protect OT/critical infrastructure.
- Disable default accounts and services like FTP on vendor OT gear and apply vendor hardening guidance promptly.
Audit NTLM Now And Migrate To Kerberos
- Audit your environment for NTLM usage and plan to migrate to Kerberos where possible.
- Use Microsoft's phased disabling roadmap and policy settings to avoid unexpected breaks during migration.
Defend Against Vishing With Clear Callback Processes
- Warn users about vishing campaigns and publish a clear help-desk callback process to avoid social-engineering traps.
- Advise users to hang up on unsolicited support calls and use official channels to request callbacks.
