Cyber attack and bug cause of the Microsoft Cloud outage on 30.7.2024

Posted on 2024-08-01 by guenni

[German]On July 30, 2024, there was a partial outage of Microsoft cloud services (Azure, Microsoft 365, etc.) worldwide. I had reported – but not all users were affected. Microsoft has now published a post-incident report and identified the initial causes. The problems were triggered by a DDoS attack that led to an overload. A bug in the routines for defending against such cases then exacerbated the consequences of the attack. A hacker group with a political focus on the Middle East conflict claims responsibility for the attack.

Continue reading

Posted in Cloud, issue | Tagged , | Leave a comment

Investor Meridian BidCo LLC acquires majority stake in MariaDB plc

Posted on 2024-08-01 by guenni

[German]Small addendum from July 25, 2024: It was announced that MariaDB plc has a new majority shareholder. This is a subsidiary of an investment firm. This company has acquired 88.7% of the shares in MariaDB plc and can now determine the fate of the database developer.

Continue reading

Posted in General, Software | Tagged , | Leave a comment

Microsoft discovers VMware ESXi Auth Bypass vulnerability CVE-2024-37085

Posted on 2024-07-31 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Microsoft security experts have discovered a ransomware campaign targeting VMware ESXi instances. Via an Auth Bypass vulnerability (CVE-2024-37085) it is possible to gain full administrative privileges on domain-joined ESXi hypervisors. The vulnerability is being exploited by several ransomware operators to attack ESXi installations.

Continue reading

Posted in Security, Virtualization | Tagged , | Leave a comment

Microsoft 365: Administrators no longer receive passwords by email; unlicensed accounts are archived

Posted on 2024-07-31 by guenni

[German]A few more additions to Microsoft 365 in the last few days: Microsoft is burying the option for administrators to have a password sent to them by email when setting up or editing new Microsoft 365 user accounts. This option will be discontinued by the end of August 2024 at the latest. Microsoft also wants to automatically archive unlicensed OneDrive accounts with OneDrive for Business after 90 days. This will begin in 2024 (January to March).

Continue reading

Posted in Cloud, issue | Tagged , , | Leave a comment

Microsoft Entra / MS 365 down (July 30, 2024)

Posted on 2024-07-30 by guenni

[German]Currently Microsoft is struggling with a hiccup in its cloud services. A reader informed me at around 2:29 pm (Central European Time) that Microsoft Entra had been unavailable since 2 hours. Here is a brief update on what is now known.

Continue reading

Posted in Cloud, issue | Tagged , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Question: Where does Bitlocker store the recovery key in Windows?

Posted on 2024-07-30 by guenni

Windows[German]Bitlocker, the "unknown entity" I would like to paraphrase the blog post. It's about the question of where the Windows Bitlocker function actually stores the recovery key, which is needed from time to time. Before someone comes around with "in your Microsoft account", it's not always that simple. Blog reader Markus, who is an administrator, pointed out a special kind of observation in this context. Time to take another look at Bitlocker.

Continue reading

Posted in Security, Windows | Tagged , | Leave a comment

Windows Server: Confirmed that July 2024 updates will break Remote Desktop

Posted on 2024-07-29 by guenni

Windows[German]With the security updates that Microsoft rolled out for Windows on July 9, 2024, there are problems with remote connections. I have received some reports that the Remote Desktop Gateway service is broken and regularly crashes under some Windows versions (Windows Server 2019, Windows Server 2022). Now Microsoft has officially confirmed these problems with remote connections.

Continue reading

Posted in issue, Update, Windows | Tagged , , | Leave a comment

Exchange Online: Basic authentication for client transmission (SMTP AUTH) ends Sept. 2025

Posted on 2024-07-29 by guenni

Exchange Logo[German]I'm adding a topic to the blog that was announced by Microsoft back in April 2024, but hasn't yet received too much attention. A reader had already pointed this out to me some time ago. Microsoft will finally discontinue support for basic authentication with client submission (SMTP AUTH) in Exchange Online in September 2025. So anyone who uses this feature still has a year to react.

Continue reading

Posted in Cloud | Tagged , | Leave a comment

Possible Pinterest Dat leak with 6 Million affected user (July 2024)

Posted on 2024-07-28 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The Pinterest service has (probably) suffered a major data leak affecting its registered users. While it's not confirmed, security researchers from Surfshark have looked at the details and found that the USA and France are the most affected countries among the 6 million affected users. Overall are 6 million user accounts affected.

Continue reading

Posted in Security | Tagged | Leave a comment

CrowdStrike: Investigation report; amount of damages and compensation; attribution of blame

Posted on 2024-07-28 by guenni

Stop - Pixabay[German]Now that the initial dust has settled after the CrowdStrike incident, which paralyzed 8.5 million Windows systems following a faulty update, new information has emerged. CrowdStrike has presented an initial investigation report into what exactly happened. There are initial figures on the amount of damage and "compensation" has been announced by CrowdStrike. Microsoft points the finger of blame at the EU for not being able to secure everything better. And the BSI is calling on both CrowdStrike and Microsoft to do better.

Continue reading

Posted in Cloud, General, issue, Windows | Tagged , , | Leave a comment