Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos sign-in failures and other authentication problems after installing cumulative updates ...

Microsoft will disable RC4 by default in Windows Kerberos, pushing organizations to uncover and eliminate longstanding ...

Yaron Kassner, CTO at Silverfort, discusses authentication-bypass bugs in Cisco ASA, F5 Big-IP, IBM QRadar and Palo Alto Networks PAN-OS. Authentication is the front gate to security systems, so if ...

Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos authentication problems after installing security updates released to address CVE-2020-17049 ...

While Windows IT professionals deal with security on a daily basis, very few understand the under-the-hood protocol, Kerberos. Kerberos is a security protocol in Windows introduced in Windows 2000 to ...

As the main authentication protocol for Windows enterprise networks, Kerberos has long been a favored hacking playground for security researchers and cybercriminals alike. While the focus has been on ...

Several readers responded to my previous post on pass-the-hash attacks, asking if Kerberos authentication versus LANManager, NTLM, or NTLMv2 was an effective defense. It’s a good question, one that I ...

Server: Fully-patched 2008 R2, running Certificate Services. The /certsrv virtual directory is using (I believe) default settings. Specifically, this means it's using Windows Authentication, with NTLM ...

Microsoft is working on a fix for a bug in last week's patch for a bypass vulnerability in the Kerberos Key Distribution Center (KDC) security feature. Microsoft has flagged the issue affecting ...

Account administration in a distributed UNIX/Linux environment can become complicated and messy if done by hand. Large sites use special tools to deal with this problem. In this article, I describe ...