I wrote a brief Playbook, how to get started with securing the Azure AI Service's in your environment. Azure AI services provides multiple layers of security that you should consider when implementing a solution, which I present in this blog post:
https://vasenius.fi/example-playbook-to-secure-your-azure-ai-services/
A seemingly harmless Chrome extension can now hijack your digital keysβstealing Azure session cookies and bypassing MFA. Curious how this stealthy Cookie-Bite attack works and what you can do to stay secure?
https://thedefendopsdiaries.com/understanding-and-mitigating-the-cookie-bite-attack/
#cookiebiteattack
#azuresecurity
#sessioncookies
#cyberthreats
#microsoft365security
New Open-Source Tool Spotlight π¨π¨π¨
Blacksmith is a cloud-native adversary simulation tool that scales offensive testing in Azure. Itβs built to automate simulation setups, leveraging Azure services like Sentinel for detection validation. Useful for red teaming and continuous security improvement.
π Project link on #GitHub π https://github.com/OTRF/Blacksmith
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
β β¨
π P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking π»π΄ββ οΈ
Elevate access to manage all Azure subscriptions and management groups now in Public Preview https://learn.microsoft.com/en-us/azure/role-based-access-control/elevate-access-global-admin
#azure #entra #microsoft #cloudmanagement #azuresubscriptions #cloudsecurity #azuresecurity #azureadmin #publicpreview
In this blog, I have demonstrated step by step instructions on implementing Azure Disk encryption for VM disks.
#DataSecurity #DiskEncryption #CloudSecurity #AzureDiskEncryption #AzureSecurity #Azure #Cloud
As part of AZ-500 learning, I explored Container Registry and Azure Kubernetes Service and shared the step by step instructions on how to implement these in Azure.
Read the blog here and let me know your thoughts:
#CloudSecurity #Azure #AzureKubernetes #AzureSecurity #Containers #Docker #kubernetes
Azure Blunder: Microsoftβs Airflow Integration Opens Door to Cyber Mischief!
Discover the low-severity flaws in Azure Data Factory that could let attackers play secret admin. Are your Kubernetes clusters safe? #AzureSecurity
https://thenimblenerd.com/?p=1033097
Attacking Entra Metaverse: Part 1
https://posts.specterops.io/attacking-entra-metaverse-part-1-c9cf8c4fb4ee
Does anybody have experience with Cloudbreach.ioβs Breaching Azure training? Is it worth the investment? #BreachingAzure #Cloudbreach #OffensiveAzureSecurity #AzureSecurity
Looks like #Microsoft forgot to register the domains listed in their SDK, which has now been taken over
https://xcancel.com/watchtowrcyber/status/1846137686832369889?s=61&t=RPbY9cLDkgmEACY4rfxmfA
Azure Kubernetes Clusters Vulnerable To Sneaky TLS Bootstrap Attack
Today, we're diving into the world of cybersecurity and exposing a sneaky attack that has been targeting Azure Kubernetes Clusters. That's right, your beloved cloud platform may not be as secure as you think!
#Azure #Kubernetes #CyberSecurity #Vulnerability #KubernetesAttack #TLSBootstrap #AzureSecurity #CloudSecurity #DataProtection #Hack #MicrosoftAzure #AzureKubernetesService #InfoSec #CyberAttack
https://cloudhosting.evostrix.eu/azure-kubernetes-clusters-vulnerable-to-sneaky-tls-bootstrap-attack/
Are your Azure Storage Accounts locked down to a network? Are you still resisting Private Endpoints? Keep your data secure #AzureSecurity #ConfigurationMonitoring #MicrosoftSentinel
Azure policy abuse for privileges escalation and persistence
https://securitylabs.datadoghq.com/articles/azure-policy-privilege-escalation/
Free Webinar Mastering Azure Security: Fast Track Guide for Exam Success
π
Date: 17 July (Wed)
π ππ’π¦π: 8:30 β 9:30 PM (IST)
SPEAKER: VIKAS
Free Register Now: https://www.infosectrain.com/events/mastering-azure-security-fast-track-guide-for-exam-success/
β‘οΈ Agenda for the Masterclass
π Introduction to the Azure Security Landscape
π Exploring Azure Security Implementation
π Preparation Strategies for AZ-104 + AZ-500
π Crafting Effective Responses and Handling Challenging Questions
π Tips for Exam Success
π Q&A Session
Stay informed about potential security vulnerabilities in your Azure services by subscribing to Defender for Cloud's security alerts and recommendations. #SecurityAlerts #AzureSecurity
Safeguard your Azure environment by leveraging Microsoft Sentinel's AI-driven analytics to detect and respond to security threats in real-time. #AzureSecurity #MicrosoftSentinel
Continuously assess and improve your security posture in Azure by staying informed about the latest security threats, updates, and best practices through Microsoft's security documentation and resources. #AzureSecurity #ContinuousImprovement
This blog post discusses strategies and methodologies for analyzing logs in Azure subscriptions to enhance threat hunting in cybersecurity. It explores a hypothetical attack scenario involving a breached administrator account and emphasizes the importance of understanding how threat actors maneuver within Azure to... https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/hunting-in-azure-subscription/ba-p/4125875 #AzureSecurity #ThreatHunting #LogAnalysis #softcorpremium
Whatβs new in AZ-500?
Microsoft Azure is the worldβs second-largest cloud computing platform, and it is increasingly expanding.
Click here of microsoft azure - https://www.infosectrain.com/courses/az-500-microsoft-azure-security-technologies-training/
How does Microsoft Sentinel work?
Microsoft Sentinel is a single solution that can handle both SIEM and SOAR. A SIEM solution collects data and analyses security warnings in real-time. SOAR is a set of software solutions and tools that help businesses streamline their security operations.
Click here to register for azure security course - https://www.infosectrain.com/courses/az-500-microsoft-azure-security-technologies-training/
#azuresecurity #infosectrain #az-500 #microsoftazure #Microsoftsentinel
