security and privacy

Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27507 and CVE-2022-27508

Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27507 and CVE-2022-27508 The following vulnerabilities have recently been discovered and announced by Citrix. CVE-2022-27507  Authenticated denial of service  CWE-400: Uncontrolled Resource Consumption     VPN (Gateway) virtual server with   DTLS, and  either ‘HDX Insight for EDT traffic’ or ‘SmartControl’ is configured  […]

Azure App Service

VNET integration and private endpoints supported by App Service Basic SKU

Microsoft has announced that Azure App Service supports VNet integration (for App Service outbound connections) and private endpoints (for App Service inbound inbound connections) at the Basic SKU. The App Service VNet integration feature enables App Service apps to access resources in or through a virtual network. For inbound access, private endpoints […]

security and privacy

Citrix ADC security vulnerabilities

Citrix ADC security vulnerabilities description A new security vulnerability with ID CVE-2021-22955 (Unauthenticated denial of service) has been discovered in Citrix ADC, which affects the following Citrix products and firmware versions: Citrix ADC and Citrix Gateway 13.0 before 13.0-83.27  Citrix ADC and Citrix Gateway 12.1 before 12.1-63.22  Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.23  Citrix ADC 12.1-FIPS before 12.1-55.257  Also […]

security and privacy

Microsoft 365 secure score top 10 improvement actions

Introduction Microsoft 365 security score is a consolidated security score based on Microsoft best practice security configurations for Microsoft 365 tenants. The higher the score the higher theoretically your overall Microsoft 365 tenant security levels. The score comprises a list of improvement actions based on your current security posture. Not […]

Exchange Online and SharePoint Online data protection mechanisms

Exchange Online and SharePoint Online data protection mechanisms

All Office365 components are adequately protected from accidental deletion via the usage of various Office365 features. The following features are offered out of the box for Office 365 data protection. Feature Sharepoint and OneDrive for Business Recycle Bins In SharePoint Online, items are retained for 93 days from the time […]

cloudknox

Microsoft acquires CloudKnox Security to offer unified privileged access and cloud entitlement management

The acquisition of CloudKnox further enables Microsoft Azure Active Directory customers with granular visibility, continuous monitoring and automated remediation for hybrid and multi-cloud permissions. Microsoft is committed to providing their customers with unified privileged access management, identity governance and entitlement management including: Automated and simplified access policy enforcement in one […]

Microsoft Security Portal

Overview of Microsoft Azure Security Tools

Microsoft Azure Security Tools Besides the Microsoft Security Response Center (MSRC), Microsoft offers a handful of security related tools and APIs which are available via Web-based consoles, Microsoft Graph API and Powershell. By navigating to https://security.microsoft.com/info, you should be able to utilize all available security tools and consoles as described […]

Citrix Virtual Apps and Desktops Deployment and Adoption Resource Center

Citrix announced VAD security vulnerabilities

Case Citrix announced on November 10th 2020 the following vulnerabilities. CVE ID Description Vulnerability Type Pre-conditions  CVE-2020-8269 An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM CWE-269: Improper Privilege Management The attacker must be an authenticated user on the Windows VDA with write access to the C:\ directory CVE-2020-8270 An unprivileged Windows user on the VDA or a SMB user can perform arbitrary command execution as SYSTEM […]

Citrix Security Bulletin Alert

Citrix Security Bulletin Alert 11 June 2020

Citrix released today (11th June 2020) a security bulletin alert regarding a discovered software vulnerability in the Citrix Workspace App client: https://support.citrix.com/article/CTX275460 A new version of Citrix Workspace app client for Windows has been released. Citrix strongly recommends that all customers upgrade Citrix Workspace app to the latest version via Auto Update, or by directly running […]