Tagged: Incident Response
Microsoft Entra ID’s CFIR (Cloud Forensic and Incident Response) provides a solid blueprint for detecting, investigating, and responding to identity threats. Mastering it, however, requires the right tools and approach, and that is where PowerShell comes in.
In this post, we’ll explore …
The following post focuses on Azure Blob Containers: their risks, how they are built, and how they can be attacked in a specific scenario.
Before reading this post, let me ask you a few questions and see whether you can answer them. Are …
This post focuses on the Chain of Custody in general and some of its implications for the cloud. If you are looking for CoC scenarios and how they affect the cloud, the following post discusses handling the Chain …
The Azure AD Incident Response methodology is a critical lifecycle, process, and tool that anyone using identities on Azure, Office 365, and third-party clouds can count on.
The Azure AD Incident Response post explores how Azure AD investigates, manages, and responds …
The following post will assist you with the Log4j incident response process, based on familiar tools, mitigation options, and information from vendors and the community.
Introduction
On Dec. 9, 2021, a remote code execution (RCE) vulnerability in Apache …
Kubernetes Incident Response: what does it look like? Your ability to react quickly to a security incident can make the difference between a significant incident and a minor one.
It can certainly help minimize the damage caused by a breach. In many …
Recently, there have been massive cyberattacks against cloud providers and on-premises environments, the most recent of which is the HAFNIUM attack exploiting vulnerabilities in Exchange servers. This post focuses on Azure Sentinel and Sysmon 4 …