ZDNet

Windows, Linux distros, macOS pay for Kerberos 21-year-old 'cryptographic sin'

A bypass bug present in the Kerberos cryptographic authentication protocol for 21 years has now been fixed in patches from Microsoft, Samba, Fedora, FreeBSD, and Debian. The discoverers of the ancient ...

Microsoft reminder of next phase of Kerberos RC4 hardening

Microsoft wants to get rid of insecure RC4 encryption. The company points out that the next phase starts in April.
Hosted on MSN

Microsoft is cutting off a legacy cipher that caused decades of damage

Microsoft is finally ripping out one of the weakest links in its identity stack, cutting off a legacy cipher that attackers have abused for years to walk straight into corporate networks. The move ...
Dark Reading

Flawed Deployments Undermine Kerberos Security

Significant weaknesses in the common configuration of Kerberos-based authentication servers could allow attackers to more easily circumvent security measures in networks that rely on the open ...
https//fedtechmagazine.com

What Is Kerberoasting? How Can Agencies Boost Cyber Resilience?

Nathan Eddy works as an independent filmmaker and journalist based in Berlin, specializing in architecture, business technology and healthcare IT. He is a graduate of Northwestern University’s Medill ...
heise online

Microsoft starts with identification of insecure RC4 encryption

In the Windows Release Health Message Center, Microsoft explains that the software fix for a security vulnerability in Kerberos initiates the hardening of Kerberos with RC4. The vulnerability itself ...