Microsoft reminder of next phase of Kerberos RC4 hardening

Microsoft wants to get rid of insecure RC4 encryption. The company points out that the next phase starts in April.
CSOonline

Don’t count on Kerberos to thwart pass-the-hash attacks

Several readers responded to my previous post on pass-the-hash attacks, asking if Kerberos authentication versus LANManager, NTLM, or NTLMv2 was an effective defense. It’s a good question, one that I ...
Linux Journal

Centralized Authentication with Kerberos 5, Part I

Account administration in a distributed UNIX/Linux environment can become complicated and messy if done by hand. Large sites use special tools to deal with this problem. In this article, I describe ...
Dark Reading

How NTLM and Kerberos Are Still Abused in AD Attacks

Authentication sits at the heart of enterprise security, making passwords and the authentication mechanisms that use them, prime targets for cybercriminals. For more than 90% of organizations that use ...
Ars Technica

Internet Explorer always using Kerberos authentication... even when unsupported.

Server: Fully-patched 2008 R2, running Certificate Services. The /certsrv virtual directory is using (I believe) default settings. Specifically, this means it's using Windows Authentication, with NTLM ...
Dark Reading

Microsoft Azure-Based Kerberos Attacks Crack Open Cloud Accounts

Microsoft's Azure AD Kerberos service, a cloud-based identity and access management (IAM) service based on Kerberos authentication, can be attacked using techniques similar to those used by attackers ...