Category Archives: Uncategorized

This week, on its Patch Tuesday for March 2023, Microsoft released a patch that addresses a highly critical vulnerability (CVE-2023-23392) in the HTTP Protocol Stack.   About the vulnerability CVE-2023-23392 details a remote code execution vulnerability that can be used to attack AD FS servers over the internet. An unauthenticated attacker could send a specially crafted packet […]

I’m proud to announce that I will be co-presenting a webinar with Netwrix’ Dirk Schrader on Tuesday February 21st, 2023 at 8PM CET (UTC+1) on preventing attacks against Active Directory using Entra and Netwrix technologies.   About the webinar Active Directory controls access to critical systems and data for organizations around the world, but it […]

On November 11th, 2022, Microsoft released version 8.1.3.1 of its Azure MFA Server product that allows organization to add multi-factor authentication to RADIUS-, AD FS-, IIS-based and other on-premises authentication scenarios.   What’s New The release notes mention the following changes: Seamless Upgrades Azure MFA Server 8.1.3 introduces functionality to eliminate downtime when upgrading to […]

I’m happy to announce that I am returning as a speaker for the European SharePoint, Office 365 and Azure Conference (ESPC) 2022 from November 28th to December 1st, 2022.   About ESPC22 The European SharePoint, Office 365 & Azure Conference (ESPC) provides Microsoft 365 and Azure professionals with the expert content and connections to help them achieve […]

With Microsoft introducing the Lifecycle Workflows functionality Public Preview at its Microsoft Ignite event last month, some things are definitely changing… Azure AD is now poised to become the leading identity management plane and Active Directory to become a mere authentication store.However, to make that dream work, Azure AD Connect needs to offer additional functionality […]

When it comes to encryption, many weak algorithms and ciphers are still heavily used and relied upon in Active Directory environments everywhere. One of the typical weak algorithms used in encrypting Kerberos tickets is RC4; the cipher RC4-HMAC to be precise. Typically, RC4 is used by legacy systems, over misconfigured Active Directory trusts, and by […]

Starting June 15 2022, Microsoft will no longer support Microsoft Defender for Identity sensors on servers running Windows Server 2008 R2. Microsoft recommends that admins identify any remaining domain controllers (DCs),  AD FS servers and AD FS Proxy servers that are still running Windows Server 2008 R2 as an operating system and make plans to […]

Azure Active Directory is extremely versatile and offers profound ways to share applications, data and functionality with people outside your organization. However, sometimes you don't want to share things with people outside your organization. Here's how.   The problem with All Users One of the first things you need to realize in Azure AD when […]

IT Pro|Dev Connections is a conference organized by the largest Greek communities for everyone in the Computer and Information Technology industry. The content focuses on products, technologies and services that are "hot" or up and coming and provide valuable knowledge to the participants. On December 13th, 2020, I presented the following 50-minute session at the […]