While Windows IT professionals deal with security on a daily basis, very few understand the under-the-hood protocol, Kerberos. Kerberos is a security protocol in Windows introduced in Windows 2000 to ...

Two implementations of the Kerberos authentication protocol received patches this week against a vulnerability that allowed a threat actor to bypass authentication procedures. The vulnerability was ...

Proof-of-concept exploit code has been published this week for a new attack technique that can bypass the Kerberos authentication protocol in Windows environments and let intruders access sensitive ...

Eight years after it was accused of attempting to subvert the Kerberos authentication protocol, Microsoft is now joining the consortium responsible for maintaining and extending the standard. The very ...

Account administration in a distributed UNIX/Linux environment can become complicated and messy if done by hand. Large sites use special tools to deal with this problem. In this article, I describe ...

As the main authentication protocol for Windows enterprise networks, Kerberos has long been a favored hacking playground for security researchers and cybercriminals alike. While the focus has been on ...

Microsoft has released out-of-band optional updates to fix a known issue that causes Kerberos authentication problems on enterprise domain controllers after installing security updates released ...

Microsoft is working on a fix for a bug in last week's patch for a bypass vulnerability in the Kerberos Key Distribution Center (KDC) security feature. Microsoft has flagged the issue affecting ...

Password guessing is hard work. Why not just sniff credentials off the wire as users log in to a server and then replay them to gain access? If an attacker is able to eavesdrop on Windows login ...