Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”

Senator Ron Wyden has criticized Microsoft for making the default Windows configuration vulnerable to the "Kerberoasting" attack. Kerberoasting is a technique that allows hackers to steal credentials and gain unauthorized access to networks.

According to Wyden, the use of the RC4 cipher as the default encryption algorithm in Windows' Kerberos authentication protocol is the root cause of the Ascension health system breach that occurred last year. Ascension, one of the largest healthcare providers in the US, was targeted by hackers who exploited the Kerberoasting vulnerability to steal login credentials.

Wyden has called on Microsoft to address this security flaw by changing the default encryption algorithm in Windows. He believes that the continued use of the outdated and insecure RC4 cipher puts countless organizations and their data at risk of compromise. The senator's criticism highlights the importance of vendors addressing known security vulnerabilities in their software to protect users and prevent potential cyber attacks.