Threat Post

Microsoft Warns Customers Away From SHA-1 and RC4

The RC4 and SHA-1 algorithms have taken a lot of hits in recent years, with new attacks popping up on a regular basis. Many security experts and cryptographers have been recommending that vendors ...
Ars Technica

Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”

A prominent US senator has called on the Federal Trade Commission to investigate Microsoft for “gross cybersecurity negligence,” citing the company’s continued use of an obsolete and vulnerable form ...
Bleeping Computer

U.S. Senator accuses Microsoft of “gross cybersecurity negligence”

The RC4 encryption algorithm is still an option in Kerberos, despite being a weak cipher with vulnerabilities that allow recovering plaintext information. It is worth noting that Microsoft pledged to ...
TechSpot

Microsoft will soon deprecate the insecure RC4 encryption algorithm

About time: Microsoft introduced support for the RC4 stream cipher in Windows 2000 as the default authentication algorithm for the Active Directory services. The system has been insecure for even ...
Dark Reading

SSL/TLS Suffers 'Bar Mitzvah Attack'

SSL/TLS encryption once again is being haunted by an outdated and weak feature long past its prime: a newly discovered attack exploits a weakness in the older, less secure RC4 encryption algorithm ...