[German]Microsoft had already announced the discontinuation of Remote PowerShell (RPS) in Exchange Online for some time (see my post Exchange Online PowerShell V2 soon deprecated, replaced by PowerShell V3 from December 2022). Starting July 15, 2023, Microsoft plans to phase out this functionality for customers. From then on, the PowerShell modules in question will no longer work.
[German]At the beginning of April 2023, Microsoft released a new version of its Microsoft Security Compliance Toolkit 1.0. Actually, it is a compulsory exercise for administrators in companies to deal with this part. In the following, I will briefly introduce the Microsoft Security Compliance Toolkit 1.0 – but I will also discuss its downsides. Because the implementation of this toolkit is a "laughing stock" that shows that the people in charge at Microsoft no longer understand what they are putting together and bringing to the administrators.
[German]Just a reminder to administrators who are responsible for Microsoft's cloud environments (Azure, etc.) in companies. It has probably been known for a long time, but as of May 8, 2023, the provider Microsoft will switch its multi-factor authentication (MFA) for cloud services to the so-called number matching procedure in order to increase security.
[German]At the beginning of April 2023, the hard drive manufacturer Western Digital had already admitted to a cyber incident in which data was stolen. In an email to customers as of May 5, 2023, the manufacturer informs its customers about this incident, which must have already taken place on or around March 26, 2023.
[German]Microsoft delivers the cURL library with the operating system since Windows 10. However, Redmond does not manage to update the delivered cURL version promptly when security vulnerabilities become known. This leads to the fact that Curl versions with known vulnerabilities are shipt with Windows. If someone gets the idea to simply delete the cURL package from Windows (or have it deleted by a virus scanner that finds the version vulnerabe), he breaks the Windows update.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]The run on the cloud continues unabated, but the number of vulnerabilities and security threats is steadily increasing. Misconfigurations, weak credentials, lack of authentication, unpatched vulnerabilities and malicious (infected) open source software (OSS) threaten security. Some developers hard-pack credentials into the source code of their software, making unauthorized access easy. Palo Alto Networks' (cybersecurity provider) Unit 42 Cloud Threat Report (Volume 7, April 2023) looks at how vulnerabilities in access to cloud services affect enterprise security posture.
[German]Brief note for administrators who use FSLogix in the company on the one hand, but virtualize Windows instances on the other. In this combination, synchronization problems with OneDrive may occur. An error "FSLogix_unsupported_environment" is then reported. Microsoft confirmed this in a support post at the end of April 2023.
[German]US provider Cisco warns in a message about a critical vulnerability in one of its phone adapters. This vulnerability allows an attacker to take control of the device. Unfortunately, affected users can only dispose of this phone adapter, since the manufacturer will no longer offer a security update. The reason is that the device has reached the end of its support period.
Microsoft updated the Edge browser to version 113.0.1774.35 (security and bug fixes) on May 5, 2023 in the stable channel. According to the release notes, it fixes vulnerabilities from the Chromium project as well as two specific Edge vulnerabilities, CVE-2023-29350 and CVE-2023-29354. On May 4, there had already been the Edge 112.0.1722.71 in the Extendes stable, which fixes the same vulnerabilities.
[German]A security topic that was not really on my radar: data theft through manipulation of the Domain Name System (DNS). The whole thing goes under the terms DNSteal and DNS Exfiltration. Roughly speaking, these are techniques that can be used to tunnel firewalls and exfiltrate (steal) data via redirected DSN servers.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
