


Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into Kerberoasting, a known attack method that exploits weaknesses in the Kerberos authentication protocol, focusing on the vulnerabilities associated with RC4 encryption. They discuss a recent letter from Senator Ron Wyden addressing the implications of these vulnerabilities in the context of a significant ransomware breach in the healthcare sector. The conversation covers the basics of RC4 encryption, the mechanics of Kerberoasting attacks, and the mitigations organizations should implement to protect against these threats. They also highlight Microsoft's Secure Future Initiative, which aims to prioritize security in its products and services, and the ongoing challenge of balancing security with legacy compatibility. The episode concludes with actionable takeaways for listeners to enhance their cybersecurity posture.
----------------------------------------------------
YouTube Video Link:
----------------------------------------------------
Documentation:
https://arstechnica.com/security/2025/09/senator-blasts-microsoft-for-making-default-windows-vulnerable-to-kerberoasting/
https://www.microsoft.com/en-us/security/blog/2024/10/11/microsofts-guidance-to-help-mitigate-kerberoasting/
https://learn.microsoft.com/en-us/security-updates/SecurityAdvisories/2013/2868725
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
By Andy Jaw & Adam Brewer