Server: Fully-patched 2008 R2, running Certificate Services. The /certsrv virtual directory is using (I believe) default settings. Specifically, this means it's using Windows Authentication, with NTLM ...

Eight years after it was accused of attempting to subvert the Kerberos authentication protocol, Microsoft is now joining the consortium responsible for maintaining and extending the standard. The very ...

Significant weaknesses in the common configuration of Kerberos-based authentication servers could allow attackers to more easily circumvent security measures in networks that rely on the open ...

The Kerberos authentication method originated at the Massachusetts Institute of Technology in the 1980s, as part of a project called Athena. The project involved integrating the computers on the MIT ...

Several readers responded to my previous post on pass-the-hash attacks, asking if Kerberos authentication versus LANManager, NTLM, or NTLMv2 was an effective defense. It’s a good question, one that I ...

Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos sign-in failures and other authentication problems after installing cumulative updates ...

Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos authentication problems after installing security updates released to address CVE-2020-17049 ...

Microsoft's long history of security problems gives most CIOs significant heartburn, especially when they consider the conditions under which they'll open up Microsoft systems to the Internet. And ...