Microsoft rolls out new Kerberos protections to block RC4 encryption, with enforcement mode becoming mandatory for domain controllers in 2026.

As organizations face an evolving threat landscape, strengthening Windows authentication is more critical than ever. The deprecation of RC4 (Rivest Cipher 4) encryption in Kerberos is a shift toward ...

This scenario enables MIM 2016 SP1 to leverage features of Windows Server 2016 as the domain controller for the “PRIV” forest. When this scenario is configured, a user’s Kerberos ticket will be ...

SafeBreach researchers demonstrate how attackers can crash Windows domain controllers and build a botnet using unauthenticated RPC and LDAP vulnerabilities. At DEF CON 33, security researchers ...

The web-based UI for managing all aspects of Windows Server, Windows Server Admin Center (WAC) sure has grown up a lot in the last seven years. If you're new to the concept, you can run WAC on a ...

A new report out today from unified identity security company Silverfort Inc. details a previously undisclosed denial-of-service vulnerability in Microsoft Corp.’s Netlogon protocol that could allow ...

Microsoft has resolved a known issue that caused some Windows Server 2025 domain controllers to become unreachable after a restart and triggered app or service failures. As Redmond explained when it ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Privilege escalation vulnerabilities are among the worst you ...

Microsoft warned IT admins that some Windows Server 2025 domain controllers (DCs) might become inaccessible after a restart, causing apps and services to fail or remain unreachable. As the company ...

Microsoft is warning IT administrators that their Windows Server 2025 domain controllers (DC) may lose network connectivity after they are restarted. In a Windows release health dashboard update ...