Sysadmin


A community dedicated to the profession of IT Systems Administration


founded 2 years ago

Hello,

TLDR; Approx 2 years ago we manually created Cloud users on our 365 Tenant to start using Teams. Now we're trying to sync our on-prem AD with AAD and experiencing issues due to pre-existing Exchange Online mailboxes. Cannot delete the mailbox without deleting the user. Can't delete the user because we don't want to lose anything in Teams. Looking for help.

During the pandemic we had a lot of staff start working remotely. Our existing messaging platform was not up to the task and we jumped on the Teams bandwagon, shortly after we bought a mix of Business Basic and Business Standard licenses for all our staff. When applying the licenses to the staff we also inadvertently assigned an Exchange Online license. No big deal we thought at the time because our corporate email MX records point to our on-prem Exchange servers.

Fast forward to now and we're in the process of trying to sync all on-prem users to Azure AD so we can ultimately migrate our mailboxes off of our on-prem Exchange 2013 servers and on to Exchange Online. We've run into an issue that Microsoft support is having trouble solving. Because the cloud users were manually created before we set up AAD Connect and configured Hybrid Exchange, the Tenant knows nothing about the on-prem mailboxes. I cannot sync on-prem users to our Tenant because a mailbox exists for the user already. I cannot delete the Exchange Online user mailbox without deleting the user. Deleting the user will cause data and permission loss with Teams.

The sync process works fine if the user doesn't exist on the Tenant first, or if the 365 user doesn't have a pre-existing mailbox.

Hoping to find someone who's been in a similar situation and was able to solve it. Information online is sparse for this scenario and I'm not able to find anything that helpful.


I'm just curious


Caesars' 8-K also implies that a ransom demanded by the attackers was paid to prevent the leak of the stolen data online—a Wall Street Journal report says the hotel and casino entertainment company paid roughly $15 million, half of the attackers' initial $30 million demand.


I upgraded my systems to it and had no issues. There are few changes and it is mostly a patch to fix zfs replication in encrypted environments

submitted 1 year ago by lemmybenny to c/sysadmin
 
 

Today's Patch Tuesday summary: this month's release addresses 61 vulnerabilities from Microsoft: TWO zero days (one with PoC!), five critical.

Plus many important third-party vulnerabilities: Android, Google Chrome, Firefox, Ivanti, SCADA, Citrix, Splunk, Notepad++, Juniper, Apple, Skype, WinRAR, Intel, AMD, and Siemens.

Quick summary:

  • Windows: 61 vulnerabilities; two zero-days: CVE-2023-36761 and CVE-2023-36802; five critical: CVE-2023-38148, CVE-2023-36796, CVE-2023-36793, CVE-2023-36792, CVE-2023-29332
  • Android: two sets of fixed vulnerabilities, one zero-day CVE-2023-35674
  • Adobe: zero-day CVE-2023-26369
  • Chrome: 9 vulnerabilities
  • Ivanti: seven critical vulnerabilities
  • SCADA: zero-day CVE-2023-39476 (CVSS 9.8)
  • Citrix: CVE-2023-3519, part of extensive malware campaign
  • Splunk: several serious vulnerabilities
  • Notepad++: four critical vulnerabilities
  • Juniper: four serious vulnerabilities
  • Apple: two zero-days CVE-2023-41064 and CVE-2023-41061
  • Skype: vulnerability revealing user's IP address
  • WinRAR: serious vulnerabilities CVE-2023-40477 and CVE-2023-38831
  • Intel: CVE-2022-40982, aka "Downfall"
  • AMD: CVE-2023-20569, aka "Inception"
  • Siemens: over 30 vulnerabilities

Sorry, can't post the full details here due to the max post size limit, so go to the Action1 Vulnerability Digest page: https://www.action1.com/patch-tuesday-september-2023/?vmr (it is updated in real-time as we learn more)

Other sources:

Zero Day Initiative. https://www.zerodayinitiative.com/blog/2023/9/12/the-september-2023-security-update-review

Bleeping Computer: https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5030219-cumulative-update-released-with-24-fixes-changes/

MSRC: https://msrc.microsoft.com/update-guide/vulnerability


How can I allow a user/s to edit/update shared contacts in Exchange/Outlook 365?


cross-posted from: https://lemmy.capebreton.social/post/506912

More than a dozen cybersecurity professionals shared with CyberScoop similar stories stemming from the intense work demands of an industry that involves often 24/7 vigilance against a growing tide of cyberthreats. Despite a growing awareness of mental health struggles within the industry, sources said there still aren’t enough resources inside companies or across the broader cybersecurity community for professionals dealing with burnout, stress and the intense anxiety of working in a high-pressure environment...


I'm sending this to my boss to remind him why monitoring disk space is vital.


Image shows a grid of four columns and eight rows detailing the difference between four common types of file transfer: tftp, ftp, sftp, and scp; across eight data points: transfer protocol, standard port, speed overview, security overview, authentication support, encryption support, and connection orientation.

  • TFTP : UDP, port 69, Fast, Less Secure, No Authentication, No Encryption, and Connection-less
  • FTP: TCP, port 20, 21, Slow, Less Secure, Authentication, No Encryption, and Connection-oriented
  • SFTP: TCP, Port 22, Slow, Secure, Authentication, Encryption, and Connection-oriented
  • SCP: TCP, Port 22, Fast, Secure, Authentication, Encryption, and Connection-oriented

Src: Twitter via LinkedIn.


At my org we have some legacy software that uses the Google Analytics API. As you may be aware, that API has been discontinued for some reason. This application is going to be nearly impossible to port to the new API.

There is no way to bring back the old API so we are looking at a few weeks of partial downtime. It only took me a few weeks to figure that out.

Google Cloud console is one of the most confusing websites I have ever seen. Each function is a separate page that has 300 menus and drop-downs that take you to separate pages. You want to see API permissions? API permission manager. You want to see analytics? Analytics manager. You want to turn on a new API? Separate page.

Why!

submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/sysadmin
 
 

Microsoft recommends doing the following, depending on what security update you have installed:

  • Aug 2022 SU or later and EP enabled: Install CU14 (no special steps needed).
  • Aug 2022 SU or later, but EP not yet enabled: Install CU14 with the default of 'Enable EP' left on.
  • Exchange Server version earlier than the Aug 2022 SU: "We send you thoughts and prayers, and very strong but gentle guidance to update your servers to the latest SU immediately."
 

If I create a VM role, I can assign its networking to a VLAN, however I can't do the same to a file server role. Does anyone know if it's somehow possible?


HashiCorp switches from open source MPL (Mozilla Public License) to BSL (Business Source License). The new license does not allow you to use HashiCorp products if you meet both of the following conditions:

- You are building a product that is competitive with HashiCorp.
- You embed or host Terraform in your product.

What exactly those conditions mean is open for interpretation and companies like Gruntwork are strongly opposed to this change (See relevant article here).


I'm thinking about using it to replace my company's legacy websites system. I need it to allow managers to log in and change prices on websites that are a part of a facility (each website has its own domain).


The email: Hi this is Scammy McScamface and I'd like to scam you please click the scam link below.

submitted 1 year ago by lemmybenny to c/sysadmin

cross-posted from: https://lemmy.ml/post/2956502

I have 15 VMs running for clients and I'm looking for a way to keep the tools up to date without having to connect to each server and do it manually. A few examples are WinDirStat, Firefox, SSMS, Filelocator, etc.

We have expanded recently and I'm at the limits of doing this manually. These servers are not domain joined and are in separate virtual networks.


They hired a new hotshot engineering manager (the kind that makes physical things). He hates the engineering software we run. I don't blame him, it's crap software. He constantly complains about how slow it is. He's right again. Crap Software Vendor says it's my platform that makes their software slow and buggy. I'm willing to make any changes they recommend, but they've got nothing. They're like, "it runs fine in our test env." So hotshot goes rogue and signs contracts to move engineering to a cloud platform that he used at his old job. I wasn't brought in until after the ink dried.

New vendor sends me a link, login, and password via email. I go to the link. It's fucking remote desktop gateway. Open to the internet. The password isn't a temp, that's my permanent unchangeable password. This is how they handle user access control. No MFA. Nothing between the screaming void and our data but IIS and an AD password.

So I start pissing in the tent. I tell everyone this is unacceptable security for our IP. Vendor acknowledges that their security is insufficient and lays out their roadmap to fix it, hopefully by the end of year (I'm holding my breath). I ask if we can just run the software ourselves.

I have a convo with our CEO who usually listens to my advice. He asks if we can just host the new software on our platform (the one that already has MFA and a whole lot of other security measures). I say, "That's exactly what I was thinking." So, CEO email in hand I go back to the group and tell them to make preparations to move the implementation to our platform.

Hotshot starts bitching and moaning about how he doesn't want another slow app. A data analyst chimes in with her two cents out of fucking nowhere. I'm not even sure why she's on the email chain. I'm about two seconds away from going Joe Pesci on these goombas.

What the fuck guys? Who cares if the app is slower on our platform (not that it necessarily will be)? What good is a fast app that's insecure? How fast is it gonna be when it's ransomwared to hell? It'll be nice that the app is fast when BianLian is downloading all our designs so they can extort us.

"Well they're a big company and they haven't gotten hacked yet?" Thanks for that Captain Smith, but I know a fucking iceberg when I see one.
