Microsoft: Maybe ESET-Type Companies Are a Problem?

August 12, 2021

Microsoft security may have a problem other than bad actors compromising systems. The news cycle has moved forward, but I still chuckle at the SolarWinds’ misstep. How many super duper cyber solutions failed to detect the months long compromise of core Windows processes? I don’t know, and my hunch is that whoever knows does not want to talk about the timeline. That’s understandable.

I read “IISpy: A Complex Server-Side Backdoor with Anti-Forensic Features.” The source appears to be We Live Security which is reporting about an ESET research finding. (I find it interesting that cyber security researchers report interesting things that other cyber security vendors appear not to report or possibly know about. Interesting or a signal that cyber security systems are not particularly effective when new methods poke through a secured system, saying, “Surprise!”)

The write up states:

According to ESET telemetry, this backdoor has been active since at least July 2020, and has been used with Juicy Potato (detected as Win64/HackTool.JuicyPotato by ESET security solutions), which is a privilege escalation tool. We suspect the attackers first obtain initial access to the IIS server via some vulnerability, and then use Juicy Potato to obtain the administrative privileges that are required to install IISpy as a native IIS extension. According to our telemetry, IISpy affects a small number of IIS servers located in Canada, the USA and the Netherlands – but this is likely not the full picture, as it is still common for administrators to not use any security software on servers, and thus our visibility into IIS servers is limited.

If the affected server is the exact one the bad actor wants, numbers may not be germane. Also, does the phrase “not the full picture” indicate that the cyber researchers are not exactly sure what’s going on?

Interesting questions from my point of view.

If I step back, what’s my observation:

Perhaps cyber security is in a quite pitiful state. If this is accurate, why would the US government offer Amazon AWS another $10 billion deal? Microsoft will contest this important award. You can read the Microsoft News story “Microsoft Challenges the Government’s Decision to Award Amazon a NSA Cloud-Computing Contract, Which Could Be Worth $10 Billion” to get a sense about the disconnect between selling and addressing what may be fundamental security issues.

Would that money, time, and effort be better invested in addressing what seems to be another troubling security issue?

The answer to this question would be in my opinion a true juicy potato.
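The ESET passage above says IISpy is installed as a native IIS extension once the attacker has administrative rights. A defender’s cheap counter-check is to inventory the native modules IIS has loaded and compare them against what the deployment expects. The script below is an added example, not code from ESET or from this post; it assumes the WebAdministration module is installed on the IIS host and uses a constructed, placeholder baseline list that a real deployment would replace with its own approved module names.

```powershell
# Added example (not from the ESET write-up or this post): list native IIS
# modules and flag ones that are absent from a baseline, unsigned, signed by
# someone other than Microsoft, or recently modified. Run as Administrator.
# Assumption: the WebAdministration module (IIS Management Scripts and Tools)
# is available on this host.
Import-Module WebAdministration

$inetsrv = Join-Path $env:windir 'System32\inetsrv'

# Constructed placeholder baseline: replace with the module names your
# deployment actually expects to see.
$approved = @('CgiModule', 'FastCgiModule', 'StaticFileModule', 'DefaultDocumentModule',
              'DirectoryListingModule', 'RequestFilteringModule', 'HttpLoggingModule')

$findings = foreach ($m in Get-WebGlobalModule) {
    # Image paths are stored with %windir%-style variables; expand them first.
    $path    = [Environment]::ExpandEnvironmentVariables($m.Image)
    $exists  = Test-Path -Path $path
    $sig     = if ($exists) { Get-AuthenticodeSignature -FilePath $path } else { $null }
    $reasons = @()

    if ($m.Name -notin $approved) { $reasons += 'not in baseline' }
    if (-not $path.StartsWith($inetsrv, 'OrdinalIgnoreCase')) { $reasons += 'image outside inetsrv' }
    if (-not $exists) {
        $reasons += 'image file missing'
    } elseif ($sig.Status -ne 'Valid') {
        $reasons += 'unsigned or invalid signature'
    } elseif ($sig.SignerCertificate.Subject -notmatch 'Microsoft') {
        $reasons += 'non-Microsoft signer'
    }
    if ($exists -and (Get-Item -Path $path).LastWriteTime -gt (Get-Date).AddDays(-30)) {
        $reasons += 'modified in the last 30 days'
    }

    if ($reasons) {
        [pscustomobject]@{ Module = $m.Name; Image = $path; Reasons = ($reasons -join '; ') }
    }
}

if ($findings) { $findings | Format-Table -AutoSize } else { 'No anomalous native IIS modules found.' }
```

Each reason is a flag, not a verdict: legitimate modules such as the ASP.NET engine live outside inetsrv, so the signature and signer checks carry most of the weight, and the baseline is what turns a list of modules into a list of surprises.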

Stephen E Arnold, August 12, 2021

Microsoft: Amazing Quote about Support

August 12, 2021

I read “El Reg talks to Azure Data veep as Microsoft flicks the switch on Azure Arc for SQL Managed Instances: Longevity, PostgreSQL, and the Default Relational Database of Choice.” I like the phrase “default relational database of choice.” Okay, confidence can be a positive.

Most of the interview is not-so-surprising stuff: End-of-life assurances, hints of a catholic approach to the Codd structure, and a general indifference to the Amazon database initiatives. That’s okay. The expert is Rohan Kumar, who is going to speak Redmond, a peculiar dialect of jargon which often reveals little relevant to the ordinary person trying to restore a trashed SQL Server table.

I did spot one tiny comment. Here is this remarkable assertion:

“We will never let any of our customers run into challenges because Microsoft decided, ‘hey, we’re not going to support you’.”

No kidding? For real? I mean none of the code blocking, security challenging stuff?

Stephen E Arnold, August 12, 2021

Strong Sinequa Helps Out Hapless Microsoft with Enterprise Search

August 9, 2021

Microsoft has enlisted aid or French entrepreneurs have jumped on the opportunity to enhance the already stellar software system available from the SolarWinds and Exchange Server misstep outfit.

Business Wire reveals in a hard hitting write up “Sinequa Brings Intelligent Search to Microsoft Teams” an exciting development. Wait, doesn’t Microsoft search work? Apparently Sinequa’s platform works better. We learn:

“Sinequa for Teams enables organizations to unleash the power of Sinequa’s Intelligent Search platform right within Microsoft Teams. … Sinequa continues to recognize the need to make knowledge discoverable so employees can make better decisions, regardless of where and how they work. The Sinequa platform offers a single access point to surface relevant insights both from within and outside the Microsoft ecosystem. Built for Azure and Microsoft 365 customers with Teams, Sinequa has extended its powerful search technology to Teams to help enterprises elevate productivity and enable better decision-making all in one place.”

The tailored Teams platform promises to improve data findability and analysis while bolstering collaboration and workflows. Sinequa is proud of its ability to provide enterprise search to large and complex organizations. Founded in 2002, the company is based in Paris, France.

Excellence knows no bounds.

Cynthia Murrell, August 9, 2021

A Microgoof or a Google PR Opportunity?

July 19, 2021

It is difficult to determine if Google is on the money with its alleged discovery of Russian cyber criminals targeting big wheels via LinkedIn. True or not, it may be another security misstep for the Redmond giant. “Russian Hackers Disguised as LinkedIn Networkers Spreading Malware” asserts:

A new investigation by Google shows that some of the common LinkedIn spam can be quite dangerous. Hackers with possible connections to the Russian government sent fraudulent LinkedIn messages to various officials from European countries with links aimed to exploit vulnerabilities in Windows and iOS. It is not yet known how many LinkedIn users were targeted in this hacking campaign and how many of them were ultimately hacked. Google believes that the cybercriminal gang responsible for the hacking campaign is most likely backed by the Russian government.

If this article is on the money, the odds are getting longer that Sergey Brin will be able to ride a Russian rocket into space. The article includes the statement “backed by the Russian government.” That might toss those orbital dreams into the Caspian Sea, the lowest point in the country. Also, the technopolies may be squaring off for a public relations dust up. I mean, how could the Chrome love birds spat over a minor security issue? LinkedIn is a Microsoft property, and I assume it is protected by all manner of Microsoft security software as well as systems purchased or licensed.

LinkedIn is vulnerable. Some believe LinkedIn lost control of user data earlier this year. Forbes reported that data about 700 million LinkedIn users was for sale on a hacking forum.

However, if one compares the LinkedIn assertion from the GOOG with the mostly verified PrintNightmare glitch, the Microgoof results from repeated efforts to patch the print spooler. By the way, this gem is in most Windows versions. Here’s a flow chart to guide your remediation efforts:

[Image: PrintNightmare remediation flow chart]

LinkedIn versus what seems to be an engineered-in, persistent invitation to bad actors to have a series of great days. No zero days needed, it seems.

Pick your Microgoof. Personally I find the print spooler thing more enjoyable than people looking for work.

Stephen E Arnold, July 19, 2021

Microgoof: JEDI Knight Defeated by Unknown Death Ray

July 14, 2021

I read “Losing the $10 Billion JEDI Contract Is Bad for Microsoft Not Just Because of the Money. It’s about Credibility.”

Here’s an interesting passage:

More important than the money was that it gave the company a level of third-party validation, that its cloud-computing platform is on par with Amazon, the market leader. The Pentagon, arguably the world’s most sophisticated cyber customer, had chosen Microsoft over Amazon to fully revamp and modernize its tech ecosystem. That gave Microsoft credibility. Now, however, the Department of Defense says Microsoft’s offering wasn’t going to “meet its needs.”

The write up then indirectly links the death ray to none other than the mom and pop online bookstore:

Amazon challenged and eventually sued the federal government complaining that Microsoft was awarded the contract because of President Trump’s animosity towards the Washington Post, owned by Amazon’s founder and former CEO, Jeff Bezos.

Politics! Not technology! The write up points out:

Amazon controls roughly a third of the market and a host of government contracts, including with the Central Intelligence Agency. By comparison, analysts estimate Microsoft has cornered only around 20% of the market.

How could the defenses of the JEDI be breached? Was it the same weakness that causes printers to fail, supply chain attacks to thrive, and fuzzed communications about the minimum requirements for Windows 11?

No, no, no.

The Microgoof will take months, maybe years, to figure out. Where was Windows Defender when the Redmond giant needed its support? Maybe the service could not access Teams? Maybe the call did not go through because the parties were using a Windows Phone? Maybe the Windows update interrupted the system? What if the unknown death ray was crafted by the Bezos bulldozer now guided by Max Peterson who replaced the former Microsoftie Teresa Carlson, who is now a Splunker?

One thing is clear: First SolarWinds, the printer thing, then Windows 11, and now the JEDI zapper. I smell the exhaust from the Bezos bulldozer. Who else will?

Stephen E Arnold, July 14, 2021

Microsoft Percept: Perception in the Azure Cloud

July 13, 2021

Does your printer work? The printer is fine and our Apple Minis and laptops have zero problem generating hard copy. What about people joining a Teams meeting when those individuals are not 365 paying customers? Have you plugged in a second or third monitor and wondered where the icons went when using Windows 10? How is Windows Defender working for you since you received the REvil ransomware popup?

Ah, no solid answers. We don’t have any either. Windows 11 may address these trivial issues but the big repair job will arrive with Microsoft Percept. “Microsoft Aims to Expedite New Edge Computing Use Cases with Azure Percept” defines the bold new Star Trek-like innovation this way:

Azure Percept … is an end-to-end system for edge AI development and deployment that now works over 5G and LPWA as well.

Sound great to you? Beyond Search is not 100 percent convinced. We would be okay with better security within Microsoft software and a printer method which allows printers to print.

Microsoft seems to be more comfortable marketing than delivering software and systems which work as users expect. Microsoft software is in wide use. Cyber criminals rely on Microsoft’s door-wide-open methods. I suppose more bad actors would print out their zero days, exploits, and code snippets if their printers worked.

Stephen E Arnold, July 13, 2021

Microsoft LinkedIn: A TikTok Target?

July 12, 2021

Microsoft LinkedIn had an opportunity to dominate the video résumé market. Now the allegedly Chinese influenced TikTok appears to be chasing this sector. More importantly, LinkedIn users are “old school.” Rah rah text and video snippets explaining how a life coach can jumpstart a career. Are those wrinkles I see on most of the LinkedIn video performers’ programs? Yep, they are wrinkles.

Now TikTok is creating a video résumé service in an “official” way. The idea is that even TikTok creators may need a real job. The write up “TikTok Lets Users Apply for Jobs in the US with Video Resumes” says:

Short-video sharing app TikTok on Wednesday, July 7, launched a pilot program that lets users upload video resumes for US-based jobs ranging from a WWE Superstar to a senior data engineer at Shopify or a creative producer at TikTok itself.

The idea is that unhip “real” companies need workers. LinkedIn profiles don’t signal “I will flip burgers” or “I will watch your super over achieving high performing really wonderful children”. Thus, a gap exists and TikTok aims to fill it. Or will this service just provide a flow of data into TikTok’s servers and then maybe to other interesting data centers in lovely Wuhan?

Microsoft and LinkedIn are dealing with the hashtag #securitybreach. TikTok is moving forward with the #CareerTok and related metadata.

Stephen E Arnold, July 12, 2021

Microgoof of the Day: The Print Thing

July 9, 2021

I read “Microsoft’s Emergency PrintNightmare Patch Doesn’t Actually Fix the Issue.” If this article is correct, it warrants a honk from the Beyond Search goose. The story was the inspiration for an irregular series of posts to be called “Microgoof of the Day.” The write up says without any stand up comedy joke writer:

…there are reports of new proof-of-exploit code that circumvents the fix altogether.

Well, well, well.

The write up nods to another publication with this passage:

Reporting on the findings of Benjamin Delpy, creator of popular post exploitation tool Mimikatz, The Register says that it’s how Microsoft checks for remote libraries in the PrintNightmare patch that offers an opportunity to work around the patch. “They did not test it for real,” Delpy bluntly told The Register, reportedly describing the issue as “weird from Microsoft.”

Weird from Microsoft? Hmmm.

Regardless of who’s right or wrong, PrintNightmare is a hoot in some circles. In others, maybe not so much. That’s the microgoof for you.

Stephen E Arnold, July 9, 2021

Amusing Confusing Wizards

July 7, 2021

More from the Redmond wizards’ humor generating machines.

Microsoft has found a way to deflect attention from yet another security issue. Do you print over the Internet? “Microsoft Acknowledges PrintNightmare Remote Code Execution Vulnerability Affecting Windows Print Spooler Service” says:

IT Admins are also invited to disable the Print Spooler service via PowerShell commands, though this will disable the ability to print both locally and remotely. Another workaround is to disable inbound remote printing through Group Policy, which will block the remote attack vector while allowing local printing.

So what distracts one from a print nightmare? That’s easy. Just try to figure out if your PC can run Windows 11? TPM, you say? Intel what?

PrintNightmare aptly characterizes Microsoft’s organizational acumen perhaps?
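The quoted article names two workarounds: stop and disable the Print Spooler service (no printing at all), or keep local printing and block only inbound remote printing through Group Policy. The script below is an added example, not code from Microsoft’s advisory or from this post. It audits a host for both settings, plus the Point and Print policy values Microsoft’s later guidance told administrators to check, and with -Remediate applies whichever workaround you choose. The registry paths are the ones the corresponding Group Policy settings write to; the policy “Allow Print Spooler to accept client connections” sets RegisterSpoolerRemoteRpcEndPoint to 2 when disabled. Run it as Administrator.

```powershell
# Added example (not from the Microsoft advisory or this post): audit a Windows
# host's PrintNightmare exposure and optionally apply one of the two documented
# workarounds. Run as Administrator.
#   .\Audit-PrintSpooler.ps1                                  # report only
#   .\Audit-PrintSpooler.ps1 -Remediate -Mode BlockRemoteOnly # keep local printing
#   .\Audit-PrintSpooler.ps1 -Remediate -Mode DisableSpooler  # stop all printing
param(
    [switch]$Remediate,
    [ValidateSet('DisableSpooler', 'BlockRemoteOnly')]
    [string]$Mode = 'BlockRemoteOnly'
)

# Policy keys written by the "Printers" and "Point and Print Restrictions" GPOs.
$printersKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers'
$pnpKey      = Join-Path $printersKey 'PointAndPrint'

function Get-PolicyValue([string]$Key, [string]$Name) {
    # Returns $null when the key or value is absent (i.e. the default applies).
    if (Test-Path -Path $Key) {
        (Get-ItemProperty -Path $Key -Name $Name -ErrorAction SilentlyContinue).$Name
    }
}

$svc       = Get-Service -Name Spooler
$remoteRpc = Get-PolicyValue $printersKey 'RegisterSpoolerRemoteRpcEndPoint'   # 2 = remote connections blocked
$noWarn    = Get-PolicyValue $pnpKey 'NoWarningNoElevationOnInstall'           # 1 = silent driver install
$noPrompt  = Get-PolicyValue $pnpKey 'UpdatePromptSettings'                    # 1 = silent driver update
$adminOnly = Get-PolicyValue $pnpKey 'RestrictDriverInstallationToAdministrators' # 1 = admins only

[pscustomobject]@{
    SpoolerStatus      = $svc.Status
    SpoolerStartType   = $svc.StartType
    RemotePrinting     = if ($remoteRpc -eq 2) { 'blocked' } else { 'allowed (default)' }
    # A permissive Point and Print setup lets non-admins install printer drivers,
    # which is what weakened the original patch.
    PointAndPrintRisky = (($noWarn -eq 1) -or ($noPrompt -eq 1)) -and ($adminOnly -ne 1)
} | Format-List

if (-not $Remediate) { return }

switch ($Mode) {
    'DisableSpooler' {
        # First workaround: no local or remote printing on this host.
        Stop-Service -Name Spooler -Force
        Set-Service  -Name Spooler -StartupType Disabled
    }
    'BlockRemoteOnly' {
        # Second workaround: same effect as disabling the GPO
        # "Allow Print Spooler to accept client connections"; local printing keeps working.
        New-Item -Path $printersKey -Force | Out-Null
        Set-ItemProperty -Path $printersKey -Name 'RegisterSpoolerRemoteRpcEndPoint' -Value 2 -Type DWord
        Restart-Service -Name Spooler
    }
}
```

One caveat the advisory’s wording glosses over: BlockRemoteOnly is the gentler option on a workstation, but on a host that serves printers to other machines it stops that service, so check the audit output and the host’s role before remediating fleet-wide.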

Stephen E Arnold, July 7, 2021

Microsoft in Perspective: Forget JEDI. Think Teams Together

July 7, 2021

I received some inputs from assorted colleagues and journalistic wizards regarding JEDI. The “real” news outfit CNBC published “Pentagon Cancels $10 Billion JEDI Cloud Contract That Amazon and Microsoft Were Fighting Over.” The write up stated:

… the Pentagon is launching a new multivendor cloud computing contract.

What caused this costly, high-profile action? Was it the beavering away of the Oracle professionals? Were those maintaining the Bezos bulldozer responsible? Was it clear-thinking consultants who asked, “Wasn’t Microsoft in the spotlight over the SolarWinds’ misstep?” I don’t know.

But let’s put this in perspective. As the JEDI deal was transported to a shelf in a Department of Defense store room at the Orchard Range Training Site in Idaho, there was an important — possibly life changing — announcement from Microsoft. Engadget phrased the technology breakthrough this way: Microsoft Teams Together Mode test lets just two people start a meeting. I learned:

Together Mode uses AI-powered segmentation to put all participants in a meeting in one virtual space.

I assume that this was previously impossible under current technology like a mobile phone, an Apple device with Facetime, Zoom, and a handheld walkie talkie, a CB radio, a ham radio, FreeConference.com, or a frequently sanitized pay phone located in a convenience store parking lot near the McCarran International Airport in Las Vegas.

I have a rhetorical question, “Is it possible to print either the news story about the JEDI termination or the FAQ for Together in the midst of — what’s it called — terror printing, horror hard copy effort — wait! — I have it. It is the condition of PrintNightmare.”

I have to stop writing. My Windows 10 machine wants to reboot for an update.

Stephen E Arnold, July 7, 2021
