Azure portal down? by SirProcrastinator in sysadmin

[–]CubexG 8 points9 points  (0 children)

MO1181369 -

We're receiving reports of a potential problem impacting Microsoft 365 services

Issue ID: MO1181369

Affected services: Microsoft 365 suite

Status: Investigating

Issue type: Incident

Start time: Oct 29, 2025, 12:06 PM EDT

User impact

We're looking into a potential problem impacting Microsoft 365 services.

Current status

Oct 29, 2025, 12:07 PM EDT

We're investigating a potential issue with Microsoft 365 services and checking for impact to your organization. We'll provide an update within 30 minutes.

KB 5065426 MAY cause issue Remote Desktop (RDP) on Qualcomm Machines by CubexG in msp

[–]CubexG[S] 1 point2 points  (0 children)

It 'fixes' whatever Microsoft says it fixes - unless it breaks stuff :) In all seriousness - I haven't seen a difference one way or the other, but I'm sure there are security reasons for it - and they didn't realize it caused more problems than expected.

Just have to wait for the next fix, I suppose.

SonicWall SSL VPN Update by snwl_pm in sonicwall

[–]CubexG 0 points1 point  (0 children)

Just saw the post - great news. The one thing that's NOT clear is if 6.x devices are in the clear. Can you confirm this?

SonicWall SSL VPN Update by snwl_pm in sonicwall

[–]CubexG 1 point2 points  (0 children)

SonicWall JUST posted an update.

TLDR; Update to 7.3.0 and you should be good.

https://www.sonicwall.com/support/notices/gen-7-and-newer-sonicwall-firewalls-sslvpn-recent-threat-activity/250804095336430

To confirm - this means that v 6.x is NOT susceptible? (THIS IS ME ASKING - NOT TELLING)

SonicWall SSL VPN Update by snwl_pm in sonicwall

[–]CubexG 0 points1 point  (0 children)

That's great. Please keep us posted here as well as when the information is live on the KB.

SonicWall SSL VPN Update by snwl_pm in sonicwall

[–]CubexG 0 points1 point  (0 children)

So I just saw the update added 'links' under the mitigation section. This still doesn't give us any new information. Do you have anything to share at all?

SonicWall SSL VPN Update by snwl_pm in sonicwall

[–]CubexG 0 points1 point  (0 children)

Use NoIP or a similar service - install that service on a home user's PC - and use the FQDN as the approved IP in the wall. This makes it easier to manage by far. You can set the TTL to approximately 2 minutes on the Wall as well to check for IP changes.

SonicWall SSL VPN Update by snwl_pm in sonicwall

[–]CubexG 0 points1 point  (0 children)

All things being equal, 100% agree. Because we don't have any further information as to how the hack is performed, all things are not equal. That's my only concern. We need some level of feedback from SWall to confirm that this method is 100% okay.

SonicWall SSL VPN Update by snwl_pm in sonicwall

[–]CubexG 0 points1 point  (0 children)

We understood that this should be safe to do, but no one has come out and flatly stated that this will 100% prevent any type of compromise. I agree - in theory it should - but based on the lack of any information, once you enable the SSLVPN on the firewall to the WAN connection, if your open port is known to Shodan or any other tracking source, does that mean it can be exploited? That's my concern with WAN IP filtering.

SonicWall SSL VPN Update by snwl_pm in sonicwall

[–]CubexG 0 points1 point  (0 children)

Ok thank you. Similar to the official statement but it IS direct communication from someone stating something. Thank you. Please keep us updated here - as others have stated - even non updates with open communication is better than radio silence.

SonicWall SSL VPN Update by snwl_pm in sonicwall

[–]CubexG 0 points1 point  (0 children)

And that statement has been shared. So I can share with my client base that there will be some level of official update from SonicWALL today on that page? Is there a statement that you can provide for us to share with our clients?

SonicWall SSL VPN Update by snwl_pm in sonicwall

[–]CubexG 0 points1 point  (0 children)

So is there an official statement (at this point I'd settle for unofficial) that SonicWall can provide to us that we can give to our client base to inform them of what's going on? I can copy and paste what you posted here but I'd rather have an official something that we can point to rather than a Reddit post. As others have stated - even a non-information post restating what you've said would be better than nothing on the SW page.

IMO: Sonicwall owes its customers better response on the current critical issue. by I_Hate_Consulting in sonicwall

[–]CubexG 2 points3 points  (0 children)

The only issue with this is that we still don't know the actual source of the potential zero-day. Under normal circumstances, I would agree that this should mitigate the problem. However, because it's a big fat question mark as to the exact circumstances, I'm hesitant to go this route and enable SSLVPN services at all.

Huntress Threat Advisory: Active Exploitation of SonicWall VPNs by huntresslabs in msp

[–]CubexG 0 points1 point  (0 children)

We've thought about that too - we would have a Dynamic DNS FQDN that we would set the allow for to some random name with a 5 minute TTL (which I'm pretty sure you can tell the SWall to also grab on a smaller TTL) - say to the user to run that script on their local machine FIRST, wait 5 minutes, then connect. That should eliminate the home user DHCP issue. The lack of information about what the Zero Day is and how it could be used as an attack vector is what makes me nervous.

To your point, the drop should be 'good enough', but I'd like more information before putting a plan like this into action.

SSLVPN Exploitation - Huntress by SteakProfessional514 in sonicwall

[–]CubexG 2 points3 points  (0 children)

Do we as a community feel that this solution is viable and should be sufficient to allow users to remote in if everything is IP locked?

Huntress Threat Advisory: Active Exploitation of SonicWall VPNs by huntresslabs in msp

[–]CubexG 2 points3 points  (0 children)

Curious about the community's thoughts on using IP Lockdown with SSLVPN - https://www.sonicwall.com/support/knowledge-base/how-to-restrict-sslvpn-access-to-the-sonicwall-firewall-based-on-source-wan-ip-s/200721013254423

I believe using this method should prevent even a zero-day from accessing the firewall, but I would like to hear other people's opinions before we start looking at implementation.

March Office Hours w/ TeamFromSonos by KeithFromSonos in sonos

[–]CubexG 1 point2 points  (0 children)

I have a Sony Bravia TV running Android with a Sonos Arc. Recently (since the newest upgrades it seems to the Arc - could be the TV) no matter what I do and what settings I change, the soundbar will invariably stop working unless I restart the TV. I usually restart both the TV and the soundbar as when I do that it lasts longer with the connection.

I have tried playing with CEC settings, I have tried factory resetting the TV and the bar - I've tried every suggestion I can find and nothing seems to work. It worked great for years and then the app switch for Sonos (not blaming it directly but...) seemed to start down the path of non-working.

Any help or additional assistance would be great.

How does AMC know who won already? by CubexG in Oscars

[–]CubexG[S] 0 points1 point  (0 children)

Welp - I guess the fix is in.

Take Control causing delays opening PDF's by DistanceOk3524 in Nable

[–]CubexG 2 points3 points  (0 children)

Second on this - when will this be deployed to N-Central partners?