In 2020, Microsoft announced the vNext editions of their popular SharePoint, Skype for Business, Project, and Exchange Server applications, due for release in the second half of 2021. However, as of the time of publication, only SharePoint and Project Server Subscription Editions are available. The other products have had their delays greeted with a wall… Continue reading Microsoft Exchange Server vNext Delayed – New Details Available
Category: Security
Denial of Service via… SSL Certificates? CVE-2022-0778
Congratulations if this was on your InfoSec Bingo Card, Denial of Service via maliciously crafted SSL certificates! Read on for full details!
Critical VMware Vulnerability: VMSA-2022-0014
VMware recently released information regarding VMSA-2022-0014, a critical authentication bypass & privilege escalation vulnerability for multiple products. In this blog post, I’ve collated some key information to swiftly identify if you’re impacted, as well as calling out must know information around remediation.
Using an Asustor NAS? Shut it down now!
Hi everyone, Quick one here due to time sensitivity. Deadbolt, the ransomware that has previously been utilised to attack QNAP NAS devices, has been used to attack Asustor NAS devices. Looks like there’s an exploit in the EZ Connect system, so advice is currently to disconnect the NAS from the internet and disable this service… Continue reading Using an Asustor NAS? Shut it down now!
Backups, Trust, Boundaries, and Cloud Security Considerations in 2022
Cloud adoption continues to increase as organisations are either taking their first steps into the cloud, or progressing their IT strategies, whether it’s a full cloud migration, multi-cloud or delivering a hybrid architecture. A great workload to leverage the cloud has been as a backup repository. By using the cloud, we can meet multiple improvements… Continue reading Backups, Trust, Boundaries, and Cloud Security Considerations in 2022
Key Changes in the New Veeam Backup for Microsoft Azure v3a Release
As the headline suggests, Veeam recently released a “version 3a“ of Veeam Backup for Microsoft Azure. Whilst there are your usual mixture of security fixes and bugs resolved, it actually brings a new (and welcome) change to the licensing structure around protecting Azure SQL workloads (not to be confused with Azure virtual machines running SQL… Continue reading Key Changes in the New Veeam Backup for Microsoft Azure v3a Release
Veeam Supported Products Reaching End of Life in 2022
After my last post highlighting the Veeam software that reaches end of support in 2022, I wanted to expand this further and discuss software that Veeam works with that will be approaching end of life in 2022. Why does this matter when I’m just trying to protect the data? Times change, and software changes with… Continue reading Veeam Supported Products Reaching End of Life in 2022
Data Protection Best Practice: Encrypting Backups
Today I want to talk about backups, and the importance of encrypting them, everywhere. When people think of encrypted backups, the usual first thoughts are around portable backups such as tape and USB or backups outside of your trust domain such as cloud storage. This is a great starting point, and if you’re not currently… Continue reading Data Protection Best Practice: Encrypting Backups
VMware vCenter Server Appliance: Sequence Wrong Size for a Certificate when replacing SSL Certificates
Hi! Just a quick one today. I was replacing a certificate for a customer’s VCSA today with one from their internal CA when I hit the error “Sequence Wrong Size for a Certificate”. To clarify, I had generated a CSR from the VCSA, requested the certificate from the CA, downloaded this and the certificate chain… Continue reading VMware vCenter Server Appliance: Sequence Wrong Size for a Certificate when replacing SSL Certificates
Workaround: KB5005043 / Security Update August 2021 Won’t Install on Windows Server 2016
I’ve found a lot of clients are having the same issue with their Windows Server 2016 servers and getting KB5005043 to install. It seems that Microsoft might not be identifying this patch correctly as it doesn’t show within Windows Update for most and then downloading the patch manually from the Microsoft Catalog results in the… Continue reading Workaround: KB5005043 / Security Update August 2021 Won’t Install on Windows Server 2016
Michael Paul | @micoolpaul 