Blogs
Links
Archives
Categories
Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Sponsors
(Paypal-Donations)Recent Comments
- David on Tor.exe: Microsoft Defender triggers an "Trojan:Win32/Malgent!MTB" alert
- guenni on Windows 11 22H2/23H2: September 2023 Preview Update KB5030310 forces shadow font on desktop icons
- EP on Edge 117.0.2045.35/36 (19. Sept. 2023)
- Nothankstextshadow on Windows 11 22H2/23H2: September 2023 Preview Update KB5030310 forces shadow font on desktop icons
- Ferdinand Meyer on Office 365: Sign in Error 1001
Meta
Recent Comments
- David on Tor.exe: Microsoft Defender triggers an "Trojan:Win32/Malgent!MTB" alert
- guenni on Windows 11 22H2/23H2: September 2023 Preview Update KB5030310 forces shadow font on desktop icons
- EP on Edge 117.0.2045.35/36 (19. Sept. 2023)
- Nothankstextshadow on Windows 11 22H2/23H2: September 2023 Preview Update KB5030310 forces shadow font on desktop icons
- Ferdinand Meyer on Office 365: Sign in Error 1001
Archives
Categories
Meta
Tag Archives: Azure
Microsoft has fixed Azure vulnerability faster (in August 2023) after Tenable criticism
[German]Microsoft surprisingly fixed a vulnerability in the Azure environment as reported of Aufugst 4, 2023, with a patch originally scheduled for end of September 2023. Microsoft has been aware of the vulnerability since March 2023. The harsh criticism of the … Continue reading
Advertising
Microsoft as a Security Risk? Azure vulnerability unpatched since March 2023, heavy criticism from Tenable – Part 2
[German]Security vendor Tenable has made serious accusations against Microsoft. A critical vulnerability in Azure Active Directory (AAD, recently EntraID) has been known since March 2023, but has not yet been patched. The CEO of security vendor Tenable, Amit Yoran, sharply … Continue reading
How to find weak passwords in Active Directory and eliminate them with PowerShell
[Sponsored Post]Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate basic AD deficits, other tools are needed for this. More ...
Stolen AAD key allowed (Storm-0558) wide-ranging access to Microsoft cloud services
[German]Microsoft had to admit on begin of July 2023 that suspected Chinese hackers from the Storm-0558 group were able to forge security tokens using a stolen private MSA key. Then then gain broad access to Microsoft cloud services, as Wiz … Continue reading
Advertising
Azure Virtual Desktop: Private Link available
[German]A small addendum for administrators of Microsoft's Azure Virtual Desktop: Redmond announced last week that so-called "private links" are now generally available in Azure Virtual Desktop. This should increase the security of connections to Azure Virtual Desktop instances. This is … Continue reading
Microsoft Azure outage (June 9, 2023); what's going on?
[German]Microsoft has been struggling with outages in its cloud services (Exchange Online, Outlook.com) for days. As of June 9, 2023, the services of Microsoft Azure (probably worldwide) were disrupted. May be technical in nature – but rumor persists that attackers … Continue reading
Advertising
Azure Virtual Desktop: RDP connection issues due to SxSStackListener
[German]Anyone in the readership having issues with RDP connections to Azure Virtual Desktop (AVD) these days? It looks like a particular version of SxSStackListener is causing the problem. A user wrote a PowerShell script to determine the problematic version. Advertising
3 vulnerabilities discovered in MS Azure API management
[German]Security researchers from Israeli security vendor Ermetic have discovered three vulnerabilities in Microsoft's Azure API management. Two server-side request forgery (SSRF) vulnerabilities and an unrestricted file upload issue create risks for the Microsoft cloud environment. The vulnerabilities could be abused … Continue reading
Bi(n)gBang: Microsoft Azure vulnerability allows Bing search hijacking and Office 365 data theft
[German]A nice case about the risk of the cloud. Microsoft 's Azure may have allowed a misconfiguration of some apps or services. As a result, attackers could potentially inject malicious code into Bing search results pages to manipulate them. It … Continue reading
Advertising
Azure AD Connect (AADConnect) Bug Fix Update (August 2, 2022)
Quick note for administrators who have Azure AD Connect in use. As of August 2, 2022, the developers have probably released version 2.1.16.0. The reason for this release was a bug where auto-upgrade fails if the service account is in … Continue reading
Microsoft Azure: Hotfix 2 for FSLogix 2201 (2.9.8111.53415)
Microsoft has released hotfix 2 (2.9.8228.50276) for FSLogix 2201 in Microsoft Azure. This update for FSLogix 2201 includes fixes for mounting multi-session VHD files, cloud cache meta tracking files, and registry cleanup operations. Advertising
