ITX MikeThis is an absolutely brutal takedown of #Microsoft. How they aren't drowning in lawsuits. 🤷♂️
I totally understand the resistance to disabling smart card #SSO for the US govt. That's a huge change (but NYPD did it 🤔)
But MS should have been working on this non stop to help detect/mitigate. Then to outright lie about when they knew.
How any security professional could say 'well it requires access to the server' as a boundary. 😂
#SolarWinds #ADFS #InfoSec #SAML
https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackers
Whistleblower Says Microsoft Dismissed Warnings About a Security Flaw That Russians Later Used to Hack U.S. Government
Former employee says software giant dismissed his warnings about a critical flaw because it feared losing government business. Russian hackers later used the weakness to breach the National Nuclear Security Administration, among others.