Azure AD-related updates from Identiverse 2021

Identiverse is the place for all things Identity. This year’s Identiverse Conference marks the 12th Identiverse Conference; its first-ever hybrid event to be held starting June 21, 2021. The in-person component is in Denver, Colorado with an accompanying virtual component that can be accessed from anywhere. Microsoft’s contributions to Identiverse 2021 were towards the virtual … Continue reading "Azure AD-related updates from Identiverse 2021"

TODO: Migrate from Azure MFA Server to Azure multi-factor authentication

This week, Microsoft made available guidance to migrate from Azure MFA Server to Azure multi-factor authentication (Azure MFA). While Microsoft officially still supports its on-premises Azure MFA Server product, the reality for organizations using MFA Server for multi-factor authentication purposes is harsh: Since MFA Server 8, released on April 10, 2018. MFA registration for the … Continue reading "TODO: Migrate from Azure MFA Server to Azure multi-factor authentication"

Remote Desktop Connection Manager (RDCMan) is back

Microsoft released a new version of Remote Desktop Connection Manager (RDCMan) this week. This version, released as part of the SysInternals suite, solves a critical vulnerability and allows admins in Microsoft-oriented networks to enjoy remote desktop connections again (relatively) safely. About Remote Desktop Connection Manager RDCMan used to be a popular tool to collect, categorize … Continue reading "Remote Desktop Connection Manager (RDCMan) is back"

Fifteen years of things better left unspoken

Today marks the 15th anniversary of the first blog post on this blog, titled The Things That Are Better Left Unspoken. Fifteen years ago, in June, 2006, I posted the first blog post here. Since June 23, 2006, this blog has featured 1,381 more blogposts, 1,041 comments and draws the attention of over 20,000 pairs … Continue reading "Fifteen years of things better left unspoken"

VMware Tools v 11.3 fixes a Denial of Service vulnerability (VMSA-2021-0011, CVE-2021-21997, CVSv3 3.3)

This week, VMware introduced a new version of its VMware Tools. The reason for this release is a Denial of Service (DoS) vulnerability. About VMware Tools VMware Tools is a set of services and modules that enable several features in VMware products for better management of, and seamless user interactions with, guest Operating Systems. Although … Continue reading "VMware Tools v 11.3 fixes a Denial of Service vulnerability (VMSA-2021-0011, CVE-2021-21997, CVSv3 3.3)"

Azure Active Directory-related sessions at Identiverse 2021

Identiverse is the place for all things Identity. This year’s Identiverse Conference marks the 12th Identiverse Conference; its first-ever hybrid event to be held starting June 21, 2021. The in-person component is in Denver, Colorado with an accompanying virtual component that can be accessed from anywhere.   About Identiverse Identiverse is the hub for all … Continue reading "Azure Active Directory-related sessions at Identiverse 2021"

Azure AD-related announcements from RSA Conference 2021

Microsoft’s contribution to the virtual 2021 RSA Conference between May 17, 2021 and May 20, 2021 was centered around the principle of Zero Trust. Certainly, announcements were made to fit the principals of Zero Trust from within Azure AD. Azure AD features, announced at RSA 2021 Microsoft announced the following new Azure AD features: GPS-based … Continue reading "Azure AD-related announcements from RSA Conference 2021"

Kerberos AppContainer Security Feature Bypass Vulnerability (CVE-2021-31962, CVSSv3 9.4/8.2)

This month’s Patch Tuesday, Microsoft addresses a vulnerability that exists in the Windows Kerberos implementation for AppContainers. With a CVS v3 score of 9.4/8.2 this is a critical update that should be remediated with the highest priority. About AppContainers Isolation is the primary goal of an AppContainer execution environment. By isolating an application from unneeded … Continue reading "Kerberos AppContainer Security Feature Bypass Vulnerability (CVE-2021-31962, CVSSv3 9.4/8.2)"

SAML Authentication Hijack Vulnerability on Citrix ADC and Citrix Gateway Appliances (CVE-2020-8300)

Today, I was notified that certain Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway appliances are vulnerable to a SAML authentication hijack through a phishing attack to steal a valid user session.   About the vulnerability If Citrix ADC or Citrix Gateway appliances are not upgraded to the recommended versions and if the … Continue reading "SAML Authentication Hijack Vulnerability on Citrix ADC and Citrix Gateway Appliances (CVE-2020-8300)"

I’m presenting two more Active Directory and Azure AD Better Together webinars

After the huge success of my previously co-presented Active Directory and Azure AD Better Together webinars for their US audience, Netwrix and I have decided to organize these webinars again for people in Europe, Africa and the Middle-East. On June 23rd and June 25th, Netwrix’ Russel McDermott and I discuss how Active Directory and Azure … Continue reading "I’m presenting two more Active Directory and Azure AD Better Together webinars"