Yep, that one. There's articles that provide summaries of that
entire PDF but it doesn't look good at all when CISA writes:
Throughout this review, the Board identified a series of Microsoft
operational and strategic decisions that collectively point to a
corporate culture that deprioritized both enterprise security
investments and rigorous risk management.
So yeah, storing client credentials in their cloud ? No thank you.
Scott
On Tuesday, 16/07/2024 at 16:51 Mark Alley via mailop wrote:
Just sharing since it's relevant - report direct from CISA [1] I
believe he's referencing.
- Mark Alley
On 7/16/2024 3:31 PM, Graeme Fowler via mailop wrote:
On 16 July 2024 16:29:39 "Scott Q. via mailop" [2] wrote:
You are a few years too late. China already completely hacked MS and
had access to ALL accounts for up to 2 years.
Joking aside: [citation needed]
If you're going to make massive claims of that nature, please provide
links to factual articles about it.
Not hearsay, not rumours, but substantiated evidence.
And remember that Microsoft, for their many faults, do not simply run
one infrastructure. The consumer and business environments are largely
separated, for one.
I'm no apologist for them but one thing I can't take, as a list member
or admin, is unsubstantiated posts.
Ta
Graeme
_______________________________________________ mailop mailing list
mailop@mailop.org https://list.mailop.org/listinfo/mailop
Links:
------
[1]
https://www.cisa.gov/resources-tools/resources/cyber-safety-review-board-releases-report-microsoft-online-exchange-incident-summer-2023
[2] mailto:mailop@mailop.org
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
