Birds of a feather flock together. So, when fellow Security MVP and Identity nerd Eric Woodruff visited our home country, Raymond Comvalius and I didn’t hesitate to offer him a pancake ‘breakfast’ to chat about all things Entra. Lunch and a laid-back conversation on Raymond’s couch unearthed some valuable discussion for us Identity & Security … Continue reading "Join Raymond and me as we discuss “UnOauthorized” with Eric Woodruff"
I’m speaking at NT Konferenca 2024
I’m proud to announce that for the sixth year in a row, I’m invited to speak at NT Konferenca in Slovenia. I’ll be presenting two break-out sessions. About NT Konferenca NT Konferenca is the biggest Slovenian technological conference. NT Konferenca is not just about IT trends and solutions. It is also about the ways … Continue reading "I’m speaking at NT Konferenca 2024"
What's New in Entra ID for August 2024
Entra ID, previously known as Azure AD is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Entra ID and in the Message Center, Microsoft communicated the following planned, new and changed functionality for Entra ID for August 2024: What's Planned … Continue reading "What's New in Entra ID for August 2024"
On-premises Identity-related updates and fixes for August 2024
Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for August 2024: Windows Server 2016 We observed the following update … Continue reading "On-premises Identity-related updates and fixes for August 2024"
What's New in Veeam Backup and Replication v12.2 for Identity Admins
Today, Veeam released v12.2.0.334 of its Backup and Replication (VBR) core product and v12.2.0.4093 of Veeam ONE. Veeam also introduced v6.2 of the Veeam Agent for Windows and the Veeam Agent for Linux. Additionally, the latest version of Veeam Backup for Nutanix AHV is v6 since today, The focus of these releases is on … Continue reading "What's New in Veeam Backup and Replication v12.2 for Identity Admins"
Entra ID Application Security – A Complex Problem with a Community Solution
Application governance in Entra is a hot topic these days, especially in the context of zero trust, where we aim for least-privilege access in terms of Graph API permissions, explicitly verify the identities of publishers and people in our organizations and assume breach. Many organizations are decommissioning Active Directory Federation Services (AD FS) and switching … Continue reading "Entra ID Application Security – A Complex Problem with a Community Solution"
VMware addresses ‘ESX Admins’ authentication bypass vulnerability (CVE-2024-37085) in ESXi 8.0 Update 3
Today, Broadcom issued a second update to VMSA-2024-003 for VMware ESXi, specifically to address the vulnerability CVE-2024-37085. This vulnerability, with a CVSSv3 base score of 6.8 out of 10 (Moderate), allowed an adversary with sufficient Active Directory permissions to gain full access to ESXi hosts. About the vulnerability For an adversary to abuse this … Continue reading "VMware addresses ‘ESX Admins’ authentication bypass vulnerability (CVE-2024-37085) in ESXi 8.0 Update 3"
VMware vSphere 8.0 Update 3 adds federation support for four Identity Providers
On June 25th, 2024, Broadcom made vSphere 8.0 Update 3 generally available. In the details of the Release Notes for vSphere 8.0 Update 3 and ESXi 8.0 Update 3, Broadcom announces PingFederate Support in vSphere Identity Federation. This is a huge update for Identity and Access admins using VMware's virtualization platform as it broadens their options … Continue reading "VMware vSphere 8.0 Update 3 adds federation support for four Identity Providers"
What's New in Entra ID for July 2024
Entra ID, previously known as Azure AD is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Entra ID, Microsoft communicated the following planned, new and changed functionality for Entra ID for July 2024: What's Planned New SAML applications can't receive … Continue reading "What's New in Entra ID for July 2024"
On-premises Identity-related updates and fixes for July 2024
Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for July 2024: Windows Server 2016 We observed the following update … Continue reading "On-premises Identity-related updates and fixes for July 2024"