Topic: kerberoasting attacks
-
Kerberoasting in 2025: Protect Your Service Accounts Now
Kerberoasting is a persistent attack exploiting Kerberos authentication to escalate privileges and compromise service accounts in Active Directory environments. Attackers use compromised standard user accounts to request encrypted service tickets, which they crack offline to gain control of high-...
-
Microsoft Retires Decades-Old Security Threat
Microsoft is removing the deprecated and cryptographically broken RC4 encryption cipher from Windows, ending a major security vulnerability exploited in high-profile attacks like Kerberoasting. The RC4 cipher, integrated into Active Directory in 2000, remained a default fallback for decades despi...
-
Senator Slams Microsoft Over Windows "Kerberoasting" Vulnerability
Senator Ron Wyden is urging the FTC to investigate Microsoft for cybersecurity negligence due to its default use of the outdated RC4 encryption cipher, which contributed to a major ransomware attack exposing 5.6 million patient records. Wyden accuses Microsoft of making dangerous software enginee...