Another day of Cybersecurity
An attacker is like a lover. He teases until he finds the right moment to act on your network. This behavior is the same for the PowerShell attack.
The following post focuses on PowerShell obfuscation and how to monitor with … Read the rest
Roses Are Red, Violets are Blue, and If you think your RDP is secure, I’ve some ransomware for you.
There’s been a tremendous increase in cybercriminals attempting to perform attacks by exploiting remote login credentials over the last year. Many … Read the rest
This article is less technical but an article of those moments where you understand why a particular technology is the one that is important to focus on.
This article reminds me of different moments where I said, noted, and saw … Read the rest
How do you investigate an Active Directory environment? are you also examining metadata or investigate an event log on each DC? If you investigate just event logs, it’s not enough, and you should and even must also investigate Active Directory … Read the rest
What’s going on inside the box? Is Service principal monitoring essential? If we rely on the SolarWinds event, then yes, this is necessary monitoring. The post will guide how to Monitor Service Principal with Azure Sentinel.
There are a few … Read the rest
In Azure, like any other cloud vendor, the shared responsibility model means that both Microsoft and you have a role to play in ensuring high service availability.
Suppose we’re taking the identity platform (the Azure AD). In that case, It’s … Read the rest
Something as code. Today, almost every system or app can be managed via code, and Azure Sentinel can be managed via code.
You might be familiar with the Infrastructure as Code concept with Azure Resource Manager, Terraform, or AWS Cloud … Read the rest
There are few terms for credential attacks, such as password attacks, identity attacks, dictionary attacks, etc. Identity attacks come in different styles with different nuances.
The most prevalent attacks are the Password Spray and Brute-force attack.
What are the differences … Read the rest
