the clown

This page is under construction. For now I just want to save and store some links for future usage

=> CIOs still waiting for the cloud investments to pay off | Why we're leaving the cloud | Microsoft takes pains to obscure role in 0-days that caused email breach | Results of Major Technical Investigations for Storm-0558 Key Acquisition | Microsoft mitigated exposure of internal information in a storage account due to overly-permissive SAS token | Basecamp saving about 7 million over five years by leaving the cloud | Microsoft says early June disruptions to Outlook, cloud platform, were cyberattacks (2023) | Azure down for hours, likely due to DDoS attack

The big 2023 Azure AD fuckup

This happened in July/August 2023. Azure allowed unauthorized access to CROSS-TENANT (!!) applications and sensitive data, as reported by Tenable (and verified by others).

=> The big Azure credential fuckup | Unauthorized Access to Cross-Tenant Applications in Microsoft Power Platform | Microsoft cloud security blasted for its culture of toxic obfuscation | Microsoft test account was assigned admin privileges, major email leak

=> CISA Report | /stuff/CSRB_Review_of_the_Summer_2023_MEO_Intrusion_Final_508c.pdf

The CISA Report is devastating. I quote from section 2 Findings and Recommendations:

The Board concludes that Microsoft’s security culture was inadequate. The Board reaches this conclusion based on:

  1. the cascade of Microsoft’s avoidable errors that allowed this intrusion to succeed;

  1. Microsoft’s failure to detect the compromise of its cryptographic crown jewels on its own, relying instead on a

customer to reach out to identify anomalies the customer had observed;

  1. the Board’s assessment of security practices at other CSPs, which maintained security controls that Microsoft

did not;

  1. Microsoft’s failure to detect a compromise of an employee’s laptop from a recently acquired company prior to

allowing it to connect to Microsoft’s corporate network in 2021;

  1. Microsoft’s decision not to correct, in a timely manner, its inaccurate public statements about this incident,

including a corporate statement that Microsoft believed it had determined the likely root cause of the intrusion

when in fact, it still has not; even though Microsoft acknowledged to the Board in November 2023 that its

September 6, 2023 blog post about the root cause was inaccurate, it did not update that post until March 12,

2024, as the Board was concluding its review and only after the Board’s repeated questioning about

Microsoft’s plans to issue a correction;

  1. the Board’s observation of a separate incident, disclosed by Microsoft in January 2024, the investigation of

which was not in the purview of the Board’s review, which revealed a compromise that allowed a different

nation-state actor to access highly-sensitive Microsoft corporate email accounts, source code repositories, and

internal systems; and

  1. how Microsoft’s ubiquitous and critical products, which underpin essential services that support national

security, the foundations of our economy, and public health and safety, require the company to demonstrate

the highest standards of security, accountability, and transparency

=> Warren Buffett’s GEICO repatriates work from the cloud, continues ambitious infrastructure overhaul

Proxy Information
Original URL
gemini://feldspaten.org/pages/the-clown.gmi
Status Code
Success (20)
Meta
text/gemini; lang=en; charset=utf-8
Capsule Response Time
175.873564 milliseconds
Gemini-to-HTML Time
1.326137 milliseconds

This content has been proxied by September (ba2dc).