https://community.isc2.org/t5/Cloud-Security/Microsoft-365-Breach-Risk-Widens-to-Millions-of-Azure-AD-Apps/m-p/61094#M335 <BLOCKQUOTE><HR /><a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/715155969">@dcontesti</a>&nbsp;wrote:<BR /><P>I have always maintained that M$ was the buggiest software on the market.</P><HR /></BLOCKQUOTE><P>Do you mean it is the "featureist" software on the market? <span class="lia-unicode-emoji" title=":winking_face:">😉</span></P><P>&nbsp;</P><P>Many of the flaws we have seen over the years have come about because the OS tacitly trusts other MS software. Their strategy over the years has been to own the entire software ecosystem on your computer. While that inherently stretches your development resources thin, it also leads to this pitfall of too much trust among different applications, libraries, etc. It's an arrogant, or maybe paranoid, strategy, compounded by licensing headaches and costs over the years. Still, the profits don't lie. They've done a great job convincing corporate decision-makers and the general public to keep buying them over the years.</P> Sun, 23 Jul 2023 12:15:10 GMT JoePete 2023-07-23T12:15:10Z https://community.isc2.org/t5/Cloud-Security/Microsoft-365-Breach-Risk-Widens-to-Millions-of-Azure-AD-Apps/m-p/61064#M332 <P>Hi All</P><P>&nbsp;</P><P>China-linked APT actors could have single-hop access to the gamut of Microsoft cloud services and apps, including SharePoint, Teams, and OneDrive, among many others.</P><P>&nbsp;</P><P><A href="https://www.darkreading.com/cloud/microsoft-365-breach-risk-widens-millions-of-azure-ad-apps" target="_blank">https://www.darkreading.com/cloud/microsoft-365-breach-risk-widens-millions-of-azure-ad-apps</A></P><P>&nbsp;</P><P>"It is imperative for these applications to immediately refresh the list of trusted certificates," Tamari urged. "Microsoft advises refreshing the cache of local stores and certificates at least once a day."</P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Mon, 09 Oct 2023 10:39:16 GMT https://community.isc2.org/t5/Cloud-Security/Microsoft-365-Breach-Risk-Widens-to-Millions-of-Azure-AD-Apps/m-p/61064#M332 Caute_cautim 2023-10-09T10:39:16Z https://community.isc2.org/t5/Cloud-Security/Microsoft-365-Breach-Risk-Widens-to-Millions-of-Azure-AD-Apps/m-p/61084#M333 <P>I have always maintained that M$ was the buggiest software on the market.</P><P>&nbsp;</P><P>In the Manufacturing environment, where we were using Unix, Linux, etc., we never had issues until M$ was introduced and sneaker net became a thing of the past.</P><P>&nbsp;</P><P>my nickel</P><P>&nbsp;</P><P>d</P><P>&nbsp;</P> Sat, 22 Jul 2023 18:22:54 GMT https://community.isc2.org/t5/Cloud-Security/Microsoft-365-Breach-Risk-Widens-to-Millions-of-Azure-AD-Apps/m-p/61084#M333 dcontesti 2023-07-22T18:22:54Z https://community.isc2.org/t5/Cloud-Security/Microsoft-365-Breach-Risk-Widens-to-Millions-of-Azure-AD-Apps/m-p/61088#M334 <P><a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/715155969">@dcontesti</a>&nbsp;&nbsp; I have also to agree with you.</P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Sun, 23 Jul 2023 01:12:26 GMT https://community.isc2.org/t5/Cloud-Security/Microsoft-365-Breach-Risk-Widens-to-Millions-of-Azure-AD-Apps/m-p/61088#M334 Caute_cautim 2023-07-23T01:12:26Z https://community.isc2.org/t5/Cloud-Security/Microsoft-365-Breach-Risk-Widens-to-Millions-of-Azure-AD-Apps/m-p/61094#M335 <BLOCKQUOTE><HR /><a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/715155969">@dcontesti</a>&nbsp;wrote:<BR /><P>I have always maintained that M$ was the buggiest software on the market.</P><HR /></BLOCKQUOTE><P>Do you mean it is the "featureist" software on the market? <span class="lia-unicode-emoji" title=":winking_face:">😉</span></P><P>&nbsp;</P><P>Many of the flaws we have seen over the years have come about because the OS tacitly trusts other MS software. Their strategy over the years has been to own the entire software ecosystem on your computer. While that inherently stretches your development resources thin, it also leads to this pitfall of too much trust among different applications, libraries, etc. It's an arrogant, or maybe paranoid, strategy, compounded by licensing headaches and costs over the years. Still, the profits don't lie. They've done a great job convincing corporate decision-makers and the general public to keep buying them over the years.</P> Sun, 23 Jul 2023 12:15:10 GMT https://community.isc2.org/t5/Cloud-Security/Microsoft-365-Breach-Risk-Widens-to-Millions-of-Azure-AD-Apps/m-p/61094#M335 JoePete 2023-07-23T12:15:10Z