Another day of Cybersecurity
The following post will assist you with the Log4j incident response process based on the familiar tools, mitigate options, and the information from the vendors and community.
On Dec. 9, 2021, a remote code execution (RCE) vulnerability in Apache … Read the rest
This short blog post will guide how to Hunting Log4j with Microsoft Sentinel.
On Dec. 9, 2021, a remote code execution (RCE) vulnerability in Apache log4j 2 was identified as being exploited in the wild. PoC code was released, and … Read the rest
Do you like cookies? Everyone loves especially attackers and especially cloud-related cookies. If you have got multi-factor authentication (MFA) enabled on your account or are even passwordless in some situations, you can’t be compromised, correct? Think again. Well, not exactly. … Read the rest
A critical security vulnerability in Microsoft’s Azure cloud database platform – Azure Cosmos DB Critical Vulnerability – could have allowed the remote takeover of accounts, with admin rights to read, write and delete any information to a database instance.
According … Read the rest
Managing comprehensive security products and security controls can be complicated, requiring a specific skill set and controlling all over the security process. In addition to managing complexity, monitoring the simulation activities, alerts, and results is reflected during the evaluation and … Read the rest
Managing comprehensive security products and security controls can be complicated, requiring a specific skill set and controlling all over the security process. In addition to managing complexity is tracking where the simulation activities, alerts, and results are reflected during the … Read the rest
You probably see the title above and might think to yourself, what can go wrong with the Syslog-ng mechanism. When you forward logs to Azure Sentinel, the data connector configuration with the Azure Sentinel agent and the syslog-ng settings are … Read the rest
