Hosted on MSN

Microsoft is cutting off a legacy cipher that caused decades of damage

Microsoft is finally ripping out one of the weakest links in its identity stack, cutting off a legacy cipher that attackers have abused for years to walk straight into corporate networks. The move ...
GIGAZINE

Why did Microsoft abolish the encryption method 'RC4' that it had supported by default for 26 years?

Microsoft has finally decided to discontinue the RC4 encryption method that has been supported by default in Windows for 26 years. By eliminating this old technology, which has been the target of ...
Threat Post

Microsoft Releases Six Bulletins, Continues RC4 Deprecation

Microsoft released six security bulletins today, and continued its deprecation of the weak RC4 encryption algorithm across Windows systems. Microsoft’s monthly release of security bulletins today is a ...
Ars Technica

Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”

A prominent US senator has called on the Federal Trade Commission to investigate Microsoft for “gross cybersecurity negligence,” citing the company’s continued use of an obsolete and vulnerable form ...
TechRadar

It's about time! Microsoft finally kills off encryption cipher blamed for multiple cyberattacks - RC4 bites the dust at last

RC4 has been exploited in high-profile attacks across enterprise Windows networks Kerberoasting exploits weaknesses in Active Directory, allowing attackers to perform offline password cracking ...
Dark Reading

SSL/TLS Suffers 'Bar Mitzvah Attack'

SSL/TLS encryption once again is being haunted by an outdated and weak feature long past its prime: a newly discovered attack exploits a weakness in the older, less secure RC4 encryption algorithm ...