Sign up to save your podcasts
Or
Share Kerberoasting in 2025
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Kerberoasting in 2025
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the topic of Kerberosting, a known attack method that exploits weaknesses in the Kerberos authentication protocol, particularly focusing on the vulnerabilities associated with RC4 encryption. They discuss a recent letter from Senator Ron Wyden addressing the implications of these vulnerabilities in the context of a significant ransomware breach in the healthcare sector. The conversation covers the basics of RC4 encryption, the mechanics of Kerberosting attacks, and the necessary mitigations organizations should implement to protect against these threats. Additionally, they highlight Microsoft's Secure Future Initiative, which aims to prioritize security in its products and services, and the ongoing challenges of balancing security with legacy compatibility. The episode concludes with actionable takeaways for listeners to enhance their cybersecurity posture.----------------------------------------------------
YouTube Video Link:
----------------------------------------------------
Documentation:
https://arstechnica.com/security/2025/09/senator-blasts-microsoft-for-making-default-windows-vulnerable-to-kerberoasting/
https://www.microsoft.com/en-us/security/blog/2024/10/11/microsofts-guidance-to-help-mitigate-kerberoasting/
https://learn.microsoft.com/en-us/security-updates/SecurityAdvisories/2013/2868725
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
View all episodes
By Andy Jaw & Adam Brewer
4.7
1515 ratings
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the topic of Kerberosting, a known attack method that exploits weaknesses in the Kerberos authentication protocol, particularly focusing on the vulnerabilities associated with RC4 encryption. They discuss a recent letter from Senator Ron Wyden addressing the implications of these vulnerabilities in the context of a significant ransomware breach in the healthcare sector. The conversation covers the basics of RC4 encryption, the mechanics of Kerberosting attacks, and the necessary mitigations organizations should implement to protect against these threats. Additionally, they highlight Microsoft's Secure Future Initiative, which aims to prioritize security in its products and services, and the ongoing challenges of balancing security with legacy compatibility. The episode concludes with actionable takeaways for listeners to enhance their cybersecurity posture.----------------------------------------------------
YouTube Video Link:
----------------------------------------------------
Documentation:
https://arstechnica.com/security/2025/09/senator-blasts-microsoft-for-making-default-windows-vulnerable-to-kerberoasting/
https://www.microsoft.com/en-us/security/blog/2024/10/11/microsofts-guidance-to-help-mitigate-kerberoasting/
https://learn.microsoft.com/en-us/security-updates/SecurityAdvisories/2013/2868725
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
More shows like Blue Security
View all
Security Now (Audio)
2,002 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
371 Listeners
Risky Business
376 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
652 Listeners
CyberWire Daily
1,022 Listeners
Smashing Security
321 Listeners
Darknet Diaries
8,017 Listeners
Cybersecurity Today
177 Listeners
Hacking Humans
314 Listeners
CISO Series Podcast
189 Listeners
Defense in Depth
74 Listeners
Cyber Security Headlines
136 Listeners
Risky Bulletin
46 Listeners
The 404 Media Podcast
315 Listeners
Entra.Chat
5 Listeners