Microsoft rolls out new Kerberos protections to block RC4 encryption, with enforcement mode becoming mandatory for domain controllers in 2026.

As organizations face an evolving threat landscape, strengthening Windows authentication is more critical than ever. The deprecation of RC4 (Rivest Cipher 4) encryption in Kerberos is a shift toward ...

This scenario enables MIM 2016 SP1 to leverage features of Windows Server 2016 as the domain controller for the “PRIV” forest. When this scenario is configured, a user’s Kerberos ticket will be ...

Setting up a Domain Controller (DC) in a Windows server is crucial in managing a secure and centralized network. A Domain Controller handles authentication, enforces security policies, and enables ...

SafeBreach researchers demonstrate how attackers can crash Windows domain controllers and build a botnet using unauthenticated RPC and LDAP vulnerabilities. At DEF CON 33, security researchers ...

Cybersecurity researchers have disclosed what they say is a "critical design flaw" in delegated Managed Service Accounts (dMSAs) introduced in Windows Server 2025. "The flaw can result in high-impact ...

A new report out today from unified identity security company Silverfort Inc. details a previously undisclosed denial-of-service vulnerability in Microsoft Corp.’s Netlogon protocol that could allow ...

Microsoft has resolved a known issue that caused some Windows Server 2025 domain controllers to become unreachable after a restart and triggered app or service failures. As Redmond explained when it ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Privilege escalation vulnerabilities are among the worst you ...

Microsoft is warning IT administrators that their Windows Server 2025 domain controllers (DC) may lose network connectivity after they are restarted. In a Windows release health dashboard update ...