Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos sign-in failures and other authentication problems after installing cumulative updates ...

Microsoft will disable RC4 by default in Windows Kerberos, pushing organizations to uncover and eliminate longstanding cryptographic weaknesses hidden in legacy ...

Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos authentication problems after installing security updates released to address CVE-2020-17049 ...

Microsoft released Patch Tuesday updates for the month of April 2025 earlier today. On Windows 10, they were published under KB5055518, KB5055519, and KB5055521. On Windows 11, they were published ...

Several readers responded to my previous post on pass-the-hash attacks, asking if Kerberos authentication versus LANManager, NTLM, or NTLMv2 was an effective defense. It’s a good question, one that I ...

As the main authentication protocol for Windows enterprise networks, Kerberos has long been a favored hacking playground for security researchers and cybercriminals alike. While the focus has been on ...

While Windows IT professionals deal with security on a daily basis, very few understand the under-the-hood protocol, Kerberos. Kerberos is a security protocol in Windows introduced in Windows 2000 to ...

Server: Fully-patched 2008 R2, running Certificate Services. The /certsrv virtual directory is using (I believe) default settings. Specifically, this means it's using Windows Authentication, with NTLM ...

Microsoft is working on a fix for a bug in last week's patch for a bypass vulnerability in the Kerberos Key Distribution Center (KDC) security feature. Microsoft has flagged the issue affecting ...