The Hacker News

Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos

Microsoft confirms a 3-phase strategy to deprecate NTLM, improve auditing, prioritize Kerberos, and disable NTLM by default ...
Morning Overview on MSN

Microsoft’s shocking move: NTLM disabled by default in Windows

Microsoft is preparing one of the most consequential security shifts in Windows in decades, turning off NTLM authentication ...
SecurityWeek

Microsoft Moves Closer to Disabling NTLM

Microsoft has detailed a three-phased roadmap leading to NTLM being completely disabled in the next version of Windows Server ...

Windows: Microsoft clarifies NTLM phase-out, but still no date

Microsoft intends to disable the insecure NTLM protocol by default with the next Windows Server version. However, its release ...

Microsoft will disable NTLM as standard in Windows

Future Windows updates will disable NTLM authentication, bolstering security and protecting users against legacy protocol ...
Ars Technica

Internet Explorer always using Kerberos authentication... even when unsupported.

Server: Fully-patched 2008 R2, running Certificate Services. The /certsrv virtual directory is using (I believe) default settings. Specifically, this means it's using Windows Authentication, with NTLM ...
Threat Post

Kerberos Authentication Spoofing: Don’t Bypass the Spec

Yaron Kassner, CTO at Silverfort, discusses authentication-bypass bugs in Cisco ASA, F5 Big-IP, IBM QRadar and Palo Alto Networks PAN-OS. Authentication is the front gate to security systems, so if ...
Redmond Magazine

Kerberos Authentication 101: Understanding the Essentials of the Kerberos Security Protocol

While Windows IT professionals deal with security on a daily basis, very few understand the under-the-hood protocol, Kerberos. Kerberos is a security protocol in Windows introduced in Windows 2000 to ...