Kerberoasting gives attackers offline paths to crack service account password, without triggering alerts. Learn from Specops Software how to protect your Active Directory with stronger SPN password policies and reduced attack surfaces. [...]

https://www.bleepingcomputer.com/news/security/how-to-harden-your-active-directory-against-kerberoasting/