Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Cloud
Hornetsecurity is down (June 7, 2024; since ~ 7:00 a.m.)
[German]German blog reader Jona contacted me a few minutes ago and asked, whether I know anything about a malfunction at "Hornet-Security". In the meantime, there is a second report from Matthias about a service disruption. But it looks as if … Continue reading
Tenable discovers critical vulnerability in Microsoft Azure; company won't patch (June 2024)
[German]The security experts at Tenable have discovered a vulnerability in Microsoft Azure that they classify as critical. However, Microsoft has announced that it does not intend to patch this vulnerability, which affects more than ten Azure services. This means that … Continue reading
Strange cloud access to collector.azure.*
[German]I'm posting here an observation from readers that relates to Microsoft's Azure and Microsoft 365 services. Since mid-April 2024, there have been cyclical accesses to various domains that list "collector" as a subdomain. Virustotal probably has no complaints, so it's … Continue reading
Azure Entra ID: Microsoft confirms issues with Single Sign On (SSO)
[German]Administrators have been complaining for some time about sporadic problems with Single Sign On (SSO) under Microsoft's Azure Entra ID. Users are then sporadically unable to log in to their Microsoft 365 apps. Now there seems to be confirmation from … Continue reading
Does Intune store on-premises CA certificates permanently in the cloud?
[German]Good question raised by a Microsoft Intune administrator. The man had problems with certificates and took a closer look. It looks like Intune is permanently storing the CA certificates generated for on-premises systems in the cloud. Another Intune administrator pointed … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
US CISA orders admins in authorities to mitigate the cyber risks of the Microsoft Cloud
[English]On April 2, 2024, the US cybersecurity authority CISA issued a directive to the administrators of US authorities requiring them to "mitigate" or eliminate the cyber risks posed to customers by a hack of the Microsoft Cloud or the Microsoft … Continue reading
Unsecured Microsoft Azure Server exposes passwords etc. of Microsoft systems (Feb. 2024)
[German]Security researchers from SOCRadar have discovered an unsecured storage server on Microsoft Azure on which internal information about Microsoft's Bing search engine was stored. Well, the storage server, which was freely accessible to anyone, only contained unimportant stuff from Microsoft … Continue reading
Microsoft slammed for a cascade of faults that leads to Storm-0558 cloud hack
[German]The US Cyber Safety Review Board has now published its report on the hack of Microsoft Online Exchange in the summer of 2023 by the suspected Chinese group Storm-0558. The board's conclusion: Microsoft can't do security! And certainly not in … Continue reading
Microsoft 365/Exchange Online enforces suddenly MFA via Microsoft Authenticator app
[German]A quick question for the administrators responsible for Exchange Online and Microsoft 365 applications. I've just received an email from Alex saying that their users have had massive problems with Exchange Online "since today" because the Microsoft 365 applications suddenly … Continue reading
Microsoft PKI vulnerability – a warning without details …
A little info that recently came to my attention. Microsoft seems to have informed some people that they have found a configuration problem in the Microsoft Cloud Public Key Infrastructure (PKI). This would affect the configuration in the organization of … Continue reading