While Windows IT professionals deal with security on a daily basis, very few understand the under-the-hood protocol, Kerberos. Kerberos is a security protocol in Windows introduced in Windows 2000 to ...

Two implementations of the Kerberos authentication protocol received patches this week against a vulnerability that allowed a threat actor to bypass authentication procedures. The vulnerability was ...

Several readers responded to my previous post on pass-the-hash attacks, asking if Kerberos authentication versus LANManager, NTLM, or NTLMv2 was an effective defense. It’s a good question, one that I ...

Microsoft is preparing one of the most consequential security shifts in Windows in decades, turning off NTLM authentication by default and pushing organizations toward modern, Kerberos based sign in.

Proof-of-concept exploit code has been published this week for a new attack technique that can bypass the Kerberos authentication protocol in Windows environments and let intruders access sensitive ...

Yaron Kassner, CTO at Silverfort, discusses authentication-bypass bugs in Cisco ASA, F5 Big-IP, IBM QRadar and Palo Alto Networks PAN-OS. Authentication is the front gate to security systems, so if ...

Eight years after it was accused of attempting to subvert the Kerberos authentication protocol, Microsoft is now joining the consortium responsible for maintaining and extending the standard. The very ...

Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos authentication problems after installing security updates released to address CVE-2020-17049 ...