
Microsoft whistleblower says firm ignored early warnings about flaw exploited in SolarWinds breach


Microsoft dismissed warnings about the security flaw that led to the SolarWinds cyber catastrophe, according to a whistleblower

According to a ProPublica report, Harris first spotted the flaw, labeled Golden SAML, in 2016 when investigating a security intrusion affecting Active Directory Federation Services (ADFS), a Microsoft single sign-on (SSO) feature for applications located across organizational boundaries. ADFS is used by millions of people to log into their work computers, and the flaw allowed attackers to disguise themselves as legitimate employees and gain access to sensitive information in the environment while remaining undetected. Harris and other former Microsoft employees told ProPublica that CEO Satya Nadella had made it clear internally that the hyperscaler needed to ensure it did not miss out on the multi-billion dollar deal to secure its future selling cloud services.
