If you use any Microsoft cloud product that includes AD FS for single-login authentication, read this item, in its entirety! Now! This item describes yet another reason to use open source products, and avoid the closed-source alternatives.
My2Cents,
Ernie
Typical Microsoft action
Yeah, no surprise here. I just thought people should know about the vulnerability, and the mitigation outlined in the referenced item.
Ernie
There is a prominent Medical Insurance Fund in Australia , that failed to use 2FA for its network and had its customer database hacked.
People are being blackmailed with threats of having their medical history made public.
That’s a terrible thing, but not surprising. Those miscreants will stoop low enough, and do anything to get your/our money, but bad on that insurance fund too. They should have known to secure their member’s data better than they did, by at least encrypting it so even if they get hacked, the crackers won’t be able to read anything they get. I know encryption isn’t a perfect solution, but it’ll sure make life harder for the bad guys.
Ernie