ProxyToken: An Authentication Bypass in Microsoft Exchange Server https://ift.tt/3zGkQtK Continuing with the theme of serious vulnerabilities that have recently come to light in Microsoft Exchange Server, in this article we present a new vulnerability we call ProxyToken. It was reported to the Zero Day Initiative in March 2021 by researcher Le Xuan Tuyen of VNPT […]
Microsoft Azure Cosmos DB Guidance https://ift.tt/3kxDVYN Original release date: August 27, 2021 CISA is aware of a misconfiguration vulnerability in Microsoft’s Azure Cosmos DB that may have exposed customer data. Although the misconfiguration appears to have been fixed within the Azure cloud, CISA strongly encourages Azure Cosmos DB customers to roll and regenerate their certificate […]
EasyWSL turns Linux docker images into a Windows 10 WSL distro https://ift.tt/37KPyWo If you can’t find your favorite Windows Subsystem for Linux distribution available in the Microsoft Store, a new program called EasyWSL can convert almost any Linux Docker image into a WSL distro. The Microsoft Store offers many prebuilt Linux WSL distributions such as […]
How to manage a side-by-side transition from your traditional SIEM to Azure Sentinel https://ift.tt/3lslyXy With every week bringing new headlines about crippling cyberattacks, and with organizations growing increasingly distributed, security teams are constantly asked to do more with less. Moving to cloud-native security information and event management (SIEM) can help security teams analyze data with […]
Microsoft provides more mitigation instructions for the PetitPotam attack https://ift.tt/3favMrw In a revision of KnowledgeBase article KB5005413, Microsoft has provided more elaborate mitigation instructions for the PetitPotam attacks that were disclosed a week ago. PetitPotam is the name for an attack method using a bug that was found by a security researcher who also published […]
NTLM relaying to AD CS – On certificates, printers and a little hippo https://ift.tt/3i5L9mV I did not expect NTLM relaying to be a big topic again in the summer of 2021, but among printing nightmares and bad ACLs on registry hives, there has been quite some discussion around this topic again. Since there seems to […]
Preparing for your migration from on-premises SIEM to Azure Sentinel https://ift.tt/3ytrMcR The pandemic of 2020 has reshaped how we engage in work, education, healthcare, and more, accelerating the widespread adoption of cloud and remote-access solutions. In today’s workplace, the security perimeter extends to the home, airports, the gym—wherever you are. To keep pace, organizations require […]
Clarified Guidance for CVE-2021-34527 Windows Print Spooler Vulnerability https://ift.tt/3hoCko2 On Tuesday July 6, 2021, Microsoft issued CVE-2021-34527 regarding a Windows Print Spooler vulnerability. Updates were released on July 6 and 7 which addressed the vulnerability for all supported Windows versions. We encourage customers to update as soon as possible. CVE-2021-34527 – Windows Print Spooler Remote […]
Five Steps for Safely Migrating your Workloads to the Cloud https://ift.tt/3qUkBrP Why security in the cloud is a shared responsibility relationship between the infrastructure provider and the customer By Paul Farrall, CISO at Skytap Organizations moving workloads to the cloud must make sure that those workloads remain secure, especially organizations that handle sensitive customer data […]
Researchers Leak PoC Exploit for a Critical Windows RCE Vulnerability https://ift.tt/3AcWk49 A proof-of-concept (PoC) exploit related to a remote code execution vulnerability affecting Windows Print Spooler and patched by Microsoft earlier this month was briefly published online before being taken down. Identified as CVE-2021-1675, the security issue could grant remote attackers full control of vulnerable […]
Stack IT News 