InfoWorld

Best practices can defeat ‘devastating’ Kerberos flaw

Despite claims that the problem lies in how Microsoft implements Kerberos in Windows, standard best practices and hardening rules can stop Golden Ticket and Pass-the-Hash attacks It’s hard enough ...
Threat Post

Microsoft Giving .NET Users The Option to Shed RC4

Microsoft issued advisories informing users they can now disable RC4 in .NET, in addition to additional credential protection for Windows and that it had revoked digital signatures for four UEFI ...
Bleeping Computer

U.S. Senator accuses Microsoft of “gross cybersecurity negligence”

The RC4 encryption algorithm is still an option in Kerberos, despite being a weak cipher with vulnerabilities that allow recovering plaintext information. It is worth noting that Microsoft pledged to ...