#AzureSecurity

2025-11-23

New blog post live for my Sentinel Saturday series!
Read the blog 👉 marshsecurity.org/sentinel-sat

In this post, I explore the power of using Microsoft Sentinel Tasks as part of your automation workflows.

Most teams aren’t getting the full #value out of Tasks in Microsoft Sentinel. Are you? When you combine Sentinel Tasks with automation, they become a game-changer.

- Auto-create tasks when automation fails (so nothing slips through the cracks)
- Auto-complete tasks when automation succeeds
- Use tasks to verify automation outcomes
- Build engineering feedback loops and automation #QA

Read the blog 👉 marshsecurity.org/sentinel-sat

#MicrosoftSentinel #SentinelAutomation #CyberSecurity #SOCAutomation
#CloudSecurity #AzureSecurity #SIEM #SecOps #Automation #InfoSec
#CyberSecurityCommunity #BlueTeam #ThreatDetection #SecurityEngineering #SecurityOperations

Offensive Sequence (offseq@infosec.exchange)
2025-10-30

🛡️ CVE-2025-12479 (CRITICAL, CVSS 10): Azure Access BLU-IC2/IC4 (≤1.19.5) lack CSRF tokens, allowing full remote compromise—no patch yet. Apply WAFs, enforce header checks, and restrict access. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #CSRF #AzureSecurity

Critical threat: CVE-2025-12479: CWE-352 Cross-Site Request Forgery (CSRF) in Azure Access Technology BLU-IC2
Offensive Sequence (offseq@infosec.exchange)
2025-10-29

🚨 CRITICAL: CVE-2025-12423 (CVSS 10) in Azure BLU-IC2 & IC4 (≤1.19.5) allows remote DoS via protocol manipulation (CWE-248). No patch yet—apply filtering, segment networks, and monitor logs. Stay proactive! radar.offseq.com/threat/cve-20 #OffSeq #AzureSecurity #CVE2025 #BlueTeam

Critical threat: CVE-2025-12423: CWE-248 Uncaught Exception in Azure Access Technology BLU-IC2
Offensive Sequence (offseq@infosec.exchange)
2025-10-29

🔴 CVE-2025-12424 (CRITICAL): Azure Access BLU-IC2 & BLU-IC4 (≤1.19.5) affected by SUID-bit privilege escalation flaw. No patch yet — restrict & monitor SUID binaries now to prevent full compromise. Details: radar.offseq.com/threat/cve-20 #OffSeq #AzureSecurity #CVE #UnixSec

Critical threat: CVE-2025-12424: CWE-269 Improper Privilege Management in Azure Access Technology BLU-IC2
2025-05-20

I wrote a brief Playbook on how to get started with securing the Azure AI Services in your environment. Azure AI Services provide multiple layers of security that you should consider when implementing a solution, which I present in this blog post:

vasenius.fi/example-playbook-t

#AISecurity #AzureAIServices #AzureSecurity

2025-04-22

A seemingly harmless Chrome extension can now hijack your digital keys—stealing Azure session cookies and bypassing MFA. Curious how this stealthy Cookie-Bite attack works and what you can do to stay secure?

thedefendopsdiaries.com/unders

#cookiebiteattack
#azuresecurity
#sessioncookies
#cyberthreats
#microsoft365security

Lenin alevski 🕵️💻 (alevsk@infosec.exchange)
2025-03-25

New Open-Source Tool Spotlight 🚨🚨🚨

Blacksmith is a cloud-native adversary simulation tool that scales offensive testing in Azure. It’s built to automate simulation setups, leveraging Azure services like Sentinel for detection validation. Useful for red teaming and continuous security improvement.

#ThreatHunting #AzureSecurity

🔗 Project link on #GitHub 👉 github.com/OTRF/Blacksmith

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

Samarasam Sadasivam (samarasam@fosstodon.org)
2025-01-09

As part of AZ-500 learning, I explored Container Registry and Azure Kubernetes Service and shared the step-by-step instructions on how to implement these in Azure.
Read the blog here and let me know your thoughts:

medium.com/@samarasams/deployi

#CloudSecurity #Azure #AzureKubernetes #AzureSecurity #Containers #Docker #kubernetes

2024-12-31

Azure Blunder: Microsoft’s Airflow Integration Opens Door to Cyber Mischief!

Discover the low-severity flaws in Azure Data Factory that could let attackers play secret admin. Are your Kubernetes clusters safe? #AzureSecurity
thenimblenerd.com/?p=1033097

2024-11-23

Does anybody have experience with Cloudbreach.io’s Breaching Azure training? Is it worth the investment? #BreachingAzure #Cloudbreach #OffensiveAzureSecurity #AzureSecurity

2024-10-15

Looks like #Microsoft forgot to register the domains listed in their SDK, which has now been taken over

xcancel.com/watchtowrcyber/sta

#azure #cloudsecurity #AzureSecurity #cloudfail

2024-08-20

Azure Kubernetes Clusters Vulnerable To Sneaky TLS Bootstrap Attack
Today, we're diving into the world of cybersecurity and exposing a sneaky attack that has been targeting Azure Kubernetes Clusters. That's right, your beloved cloud platform may not be as secure as you think!

cloudhosting.evostrix.eu/azure

2024-07-11

Are your Azure Storage Accounts locked down to a network? Are you still resisting Private Endpoints? Keep your data secure #AzureSecurity #ConfigurationMonitoring #MicrosoftSentinel

2024-06-25

Stay informed about potential security vulnerabilities in your Azure services by subscribing to Defender for Cloud's security alerts and recommendations. #SecurityAlerts #AzureSecurity

2024-06-11

Safeguard your Azure environment by leveraging Microsoft Sentinel's AI-driven analytics to detect and respond to security threats in real-time. #AzureSecurity #MicrosoftSentinel
