The videos of my two Netwrix US webinars are now available

On May 18th and May 20th, I presented two distinct webinars on Active Directory and Azure AD Better Together. I presented these webinars together with Netwrix’ David Metzgar. The Microsoft cloud offers a wealth of benefits, from powerful enterprise applications and built-in high availability to predictable costs. But most organizations still need their on-premises IT … Continue reading "The videos of my two Netwrix US webinars are now available"

Azure AD-related updates from Identiverse 2021

Identiverse is the place for all things Identity. This year’s Identiverse Conference marks the 12th Identiverse Conference; its first-ever hybrid event to be held starting June 21, 2021. The in-person component is in Denver, Colorado with an accompanying virtual component that can be accessed from anywhere. Microsoft’s contributions to Identiverse 2021 were towards the virtual … Continue reading "Azure AD-related updates from Identiverse 2021"

TODO: Migrate from Azure MFA Server to Azure multi-factor authentication

This week, Microsoft made available guidance to migrate from Azure MFA Server to Azure multi-factor authentication (Azure MFA). While Microsoft officially still supports its on-premises Azure MFA Server product, the reality for organizations using MFA Server for multi-factor authentication purposes is harsh: Since MFA Server 8, released on April 10, 2018. MFA registration for the … Continue reading "TODO: Migrate from Azure MFA Server to Azure multi-factor authentication"

I will be speaking at a WICCA online event next week!

It's been a while, but I will be speaking at a WICCA online event next week. WICCA stands for "Women In Cybersecurity Community Association". Their goal is "to bring infosec ladies and female security enthusiasts together to learn about exploits, hacking, incident response, forensics, the low-level stuff and make bad crypto jokes!" At their June … Continue reading "I will be speaking at a WICCA online event next week!"

Remote Desktop Connection Manager (RDCMan) is back

Microsoft released a new version of Remote Desktop Connection Manager (RDCMan) this week. This version, released as part of the SysInternals suite, solves a critical vulnerability and allows admins in Microsoft-oriented networks to enjoy remote desktop connections again (relatively) safely. About Remote Desktop Connection Manager RDCMan used to be a popular tool to collect, categorize … Continue reading "Remote Desktop Connection Manager (RDCMan) is back"

Fifteen years of things better left unspoken

Today marks the 15th anniversary of the first blog post on this blog, titled The Things That Are Better Left Unspoken. Fifteen years ago, in June, 2006, I posted the first blog post here. Since June 23, 2006, this blog has featured 1,381 more blogposts, 1,041 comments and draws the attention of over 20,000 pairs … Continue reading "Fifteen years of things better left unspoken"

VMware Tools v 11.3 fixes a Denial of Service vulnerability (VMSA-2021-0011, CVE-2021-21997, CVSv3 3.3)

This week, VMware introduced a new version of its VMware Tools. The reason for this release is a Denial of Service (DoS) vulnerability. About VMware Tools VMware Tools is a set of services and modules that enable several features in VMware products for better management of, and seamless user interactions with, guest Operating Systems. Although … Continue reading "VMware Tools v 11.3 fixes a Denial of Service vulnerability (VMSA-2021-0011, CVE-2021-21997, CVSv3 3.3)"

Azure Active Directory-related sessions at Identiverse 2021

Identiverse is the place for all things Identity. This year’s Identiverse Conference marks the 12th Identiverse Conference; its first-ever hybrid event to be held starting June 21, 2021. The in-person component is in Denver, Colorado with an accompanying virtual component that can be accessed from anywhere.   About Identiverse Identiverse is the hub for all … Continue reading "Azure Active Directory-related sessions at Identiverse 2021"

Azure AD-related announcements from RSA Conference 2021

Microsoft’s contribution to the virtual 2021 RSA Conference between May 17, 2021 and May 20, 2021 was centered around the principle of Zero Trust. Certainly, announcements were made to fit the principals of Zero Trust from within Azure AD. Azure AD features, announced at RSA 2021 Microsoft announced the following new Azure AD features: GPS-based … Continue reading "Azure AD-related announcements from RSA Conference 2021"

Kerberos AppContainer Security Feature Bypass Vulnerability (CVE-2021-31962, CVSSv3 9.4/8.2)

This month’s Patch Tuesday, Microsoft addresses a vulnerability that exists in the Windows Kerberos implementation for AppContainers. With a CVS v3 score of 9.4/8.2 this is a critical update that should be remediated with the highest priority. About AppContainers Isolation is the primary goal of an AppContainer execution environment. By isolating an application from unneeded … Continue reading "Kerberos AppContainer Security Feature Bypass Vulnerability (CVE-2021-31962, CVSSv3 9.4/8.2)"