As organizations face an evolving threat landscape, strengthening Windows authentication is more critical than ever. The deprecation of RC4 (Rivest Cipher 4) encryption in Kerberos is a shift toward ...

This is important because: Microsoft is closing the side doors to offline setup. As familiar workarounds disappear, most people are guided toward a Microsoft account on day one, which narrows choice ...

SafeBreach researchers demonstrate how attackers can crash Windows domain controllers and build a botnet using unauthenticated RPC and LDAP vulnerabilities. At DEF CON 33, security researchers ...

Cybersecurity researchers have disclosed what they say is a "critical design flaw" in delegated Managed Service Accounts (dMSAs) introduced in Windows Server 2025. "The flaw can result in high-impact ...

A new report out today from unified identity security company Silverfort Inc. details a previously undisclosed denial-of-service vulnerability in Microsoft Corp.’s Netlogon protocol that could allow ...

Microsoft admitted that the June 2025 security patches had introduced a new problem that was causing some Windows Server systems’ DHCP service to stall. The Dynamic Host Configuration Protocol (DHCP) ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Privilege escalation vulnerabilities are among the worst you ...

A recent report from Microsoft reinforces warnings about the critical role Active Directory (AD) domain controllers play in large-scale ransomware attacks, aligning with U.S. government advisories on ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. The secret to the continuing availability of security patches ...

Microsoft is warning IT administrators that their Windows Server 2025 domain controllers (DC) may lose network connectivity after they are restarted. In a Windows release health dashboard update ...