https://www.bleepingcomputer.com/news/security/windows-11-to-require-smb-signing-to-prevent-ntlm-relay-attacks/

Microsoft says SMB signing (aka security signatures) will be required by default for all connections to defend against NTLM relay attacks, starting with today's Windows build rolling out to Insiders in the Canary Channel.

In such attacks, threat actors force network devices (including domain controllers) to authenticate against malicious servers under the attackers' control to impersonate them and elevate privileges to gain complete control over the Windows domain.