Blogs
Links
Archives
Categories
Social networks
Awards
Sponsors
(Paypal-Donations)Recent Comments
- EP on Edge version 124.0.2478.51 causes issues with http pages
- GM on Windows Server 2016: AD problems after updates KB5034862 and KB5034767 (Feb. 2024)
- José Roberto on Google account blocked and police action because of toddler photos for the doctor
- Anonymous on WSUS displays all Windows 11 clients as Windows 10 Enterprise
- GordK on Windows 10: Workaround for jumping explorer view
Meta
Recent Comments
- EP on Edge version 124.0.2478.51 causes issues with http pages
- GM on Windows Server 2016: AD problems after updates KB5034862 and KB5034767 (Feb. 2024)
- José Roberto on Google account blocked and police action because of toddler photos for the doctor
- Anonymous on WSUS displays all Windows 11 clients as Windows 10 Enterprise
- GordK on Windows 10: Workaround for jumping explorer view
Archives
Categories
Meta
Tag Archives: Azure
Microsoft 365/Exchange Online enforces suddenly MFA via Microsoft Authenticator app
[German]A quick question for the administrators responsible for Exchange Online and Microsoft 365 applications. I've just received an email from Alex saying that their users have had massive problems with Exchange Online "since today" because the Microsoft 365 applications suddenly … Continue reading
Advertising
Azure Virtual Desktop is generally available (February 1, 2024)
[German]A small addendum to a topic that has been on my list for a few days. Microsoft has made Azure Virtual Desktop generally available (GA) on the Azure Stack HCI platform. Here is some information on this topic. Advertising
How to find weak passwords in Active Directory and eliminate them with PowerShell
[Sponsored Post]Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate basic AD deficits, other tools are needed for this. More ...
Microsoft has fixed Azure vulnerability faster (in August 2023) after Tenable criticism
[German]Microsoft surprisingly fixed a vulnerability in the Azure environment as reported of Aufugst 4, 2023, with a patch originally scheduled for end of September 2023. Microsoft has been aware of the vulnerability since March 2023. The harsh criticism of the … Continue reading
Advertising
Microsoft as a Security Risk? Azure vulnerability unpatched since March 2023, heavy criticism from Tenable – Part 2
[German]Security vendor Tenable has made serious accusations against Microsoft. A critical vulnerability in Azure Active Directory (AAD, recently EntraID) has been known since March 2023, but has not yet been patched. The CEO of security vendor Tenable, Amit Yoran, sharply … Continue reading
Stolen AAD key allowed (Storm-0558) wide-ranging access to Microsoft cloud services
[German]Microsoft had to admit on begin of July 2023 that suspected Chinese hackers from the Storm-0558 group were able to forge security tokens using a stolen private MSA key. Then then gain broad access to Microsoft cloud services, as Wiz … Continue reading
Advertising
Azure Virtual Desktop: Private Link available
[German]A small addendum for administrators of Microsoft's Azure Virtual Desktop: Redmond announced last week that so-called "private links" are now generally available in Azure Virtual Desktop. This should increase the security of connections to Azure Virtual Desktop instances. This is … Continue reading
Microsoft Azure outage (June 9, 2023); what's going on?
[German]Microsoft has been struggling with outages in its cloud services (Exchange Online, Outlook.com) for days. As of June 9, 2023, the services of Microsoft Azure (probably worldwide) were disrupted. May be technical in nature – but rumor persists that attackers … Continue reading
Azure Virtual Desktop: RDP connection issues due to SxSStackListener
[German]Anyone in the readership having issues with RDP connections to Azure Virtual Desktop (AVD) these days? It looks like a particular version of SxSStackListener is causing the problem. A user wrote a PowerShell script to determine the problematic version. Advertising
Advertising
3 vulnerabilities discovered in MS Azure API management
[German]Security researchers from Israeli security vendor Ermetic have discovered three vulnerabilities in Microsoft's Azure API management. Two server-side request forgery (SSRF) vulnerabilities and an unrestricted file upload issue create risks for the Microsoft cloud environment. The vulnerabilities could be abused … Continue reading
Bi(n)gBang: Microsoft Azure vulnerability allows Bing search hijacking and Office 365 data theft
[German]A nice case about the risk of the cloud. Microsoft 's Azure may have allowed a misconfiguration of some apps or services. As a result, attackers could potentially inject malicious code into Bing search results pages to manipulate them. It … Continue reading