Yesterday, Ax Sharma with Ars Technica revealed security company Secureworks has identified a current vulnerability in Azure Active Directory Seamless Single Sign-On.
A Secureworks threat update published by Ars Technica indicates the Secureworks Counter-Threat Unit “…reported the flaw to Microsoft on June 19…” and “…Microsoft confirmed the behavior on July 21…”, but Microsoft concluded the functionality was part of the way Seamless Single Sign-On is designed.
Ars Technica quotes the Secureworks Counter-Threat Unit researchers as saying “This flaw allows threat actors to perform single-factor brute-force attacks against Azure Active Directory without generating sign-in events in the targeted organization’s tenant…” The researchers also explain the vulnerability affects “…any Azure AD or Microsoft 365 organization, including organizations that use Pass-through Authentication (PTA)…” Apparently, however, user accounts without a password for Azure AD are not at risk.
In an article posted to Bleeping Computer earlier this morning, Sergiu Gatlan details a Microsoft 365 login problem currently affecting on-prem users of MFA in conjunction with Network Policy Server or Active Directory Federation Services. Microsoft tweeted about the issue a little after 10:00am.
Sanaz Ahari, Google’s Senior Director of Product Management, has published a detailed blog article explaining Google’s strategy for streamlining the hybrid work model using Google Workspace.
At the top of the list are Spaces, “the central place for team collaboration in Workspace”. An apparent competitor to Slack and Microsoft Teams, Spaces bring together other Google products like Calendar, Docs, Meet, etc. in an environment optimized for multiple team members to work in a distributed, asynchronous fashion.
Regarding Meet, Google is also partnering with hardware manufacturers, including Cisco, to make their meeting app easier to use and more pervasive in the market.
Read Ahari’s blog post for the full rundown on where Google is planning to take Workspace going forward!
Yesterday, DevClass reported that with Elastic’s recent release of Elastic 7.15, the “recently added Google Private Service Connect looks to keep data off the internet by offering private connectivity from Google Cloud virtual private cloud to Elastic Cloud deployments.”
The release also includes updated functionality in Observability and Security, as well as the general availability of Elastic APM correlations and Elastic App Search for Enterprise Search.
Last week, ThreatPost reported Zoho has patched a vulnerability in its ManageEngine ADSelfService Plus product, which ThreatPost describes as “a self-service password management and single sign-on (SSO) platform for AD and cloud apps”.
CNBC is reporting a change in the engineering leadership of Google’s cloud team. Thomas Kurian, the CEO of Google Cloud, wants to continue growing the company’s market share from its current 10%, up from 7% three years ago.
Many businesses are bad at security. The chances of something catastrophic happening to your data are greater if you keep it on-prem. Play the percentages.
Occasionally, I run into a business owner who’s afraid of the cloud. They don’t have nephophobia–they just like to keep their data on-site. Their argument often goes something like this:
“I like to know where it’s at.”
“The cloud has breaches all the time!”
“What if my data gets deleted?”
Or, my personal favorite:
“I don’t want the Chinese to hack into my system.”
There are various levels of validity to these concerns. They often come up during well-meaning security presentations oscillating somewhere between “prudent” and “FUD” (good old “fear, uncertainty, and doubt”!).
Often overlooked, however, is the fact that the risk of keeping your data on-prem is likely greater than your risk of it suffering a cloud-based disaster.
When it comes to security, maintaining your own IT infrastructure is a big risk factor. Security firm Imperva concluded “46% of On-Prem Databases Contain Vulnerabilities”. MyTechDecisions is reporting recent vulnerabilities in on-prem systems have highlighted the security advantages of the cloud. In both cases, a big part of the problem is insufficiently patched resources at individual companies. Many organizations are simply unable or unwilling to pay for the IT security expertise and labor required to keep everything fully patched. These vulnerabilities are an attractive target for bad actors.
In addition to the risks inherent to on-prem solutions, the cloud providers are incentivized to continuously improve their services. In a round-table discussion published by the Albany Business Review, Lauren Groff discusses how a cloud subscription model gives vendors a higher ROI for enhancements than the legacy model used for many on-prem products.
While human nature tempts us to “keep our data where we can see it”, the realities of the market and scarce resources tell a different story. Move your data to the cloud, so you can sleep better at night!
Share With —
CTO, CIO, CISO
Action Items —
• Review your current security posture with your in-house IT staff or your managed services provider.
• Pay close attention to where your hardware and software are in their patching cycle.
• How many outstanding patches do you have?
• What are the potential consequences if the remaining vulnerabilities are exploited?
• What is the potential cost of continuing to do what you’ve always done?
Brian S. Pauls is the founder and vCTO of Cloudessy. He likes to keep the dice for his table-top role-playing games on-prem, and his data in the cloud.