Another day of Cybersecurity
If you heard a noise on social media from May (2023), it’s probably the same noise that most of us heard: the announcement of specific domains by Google.
Google Registry announced eight new top-level domains (TLDs) that day: .esq, .foo, … Read the rest
Cybersecurity adores fancy words and buzz…, and you’re in for another joy – ASM, DRP, EASM, CAASM.
This blog post provides additional information on the state of external attack surface management, and it’s related tools and technologies.
Why the External … Read the rest
Token protection creates secure cryptography between the token and the device it’s issued to, and without the client’s secret, the bound token is useless. When users register a Windows device and higher in Azure AD, their primary identity is bound … Read the rest
Token stealing is a severe threat in Office 365 and any cloud environment. Attackers use various technologies and tactics to steal tokens instead of passwords. With those stolen tokens, they will access critical resources and perform malicious activities in the … Read the rest
Many customers, people in the industry, and the community asked me about applying for a second or additional MFA to the Azure PIM role when there is an existing MFA. We all know the importance of sensitive admins / crucial … Read the rest
OSINT stands for Open Source Intelligence, which is the practice of collecting and analyzing information from publicly available sources. OSINT can be used for various purposes, including national security, law enforcement, business intelligence, journalism, research, and personal curiosity.
OSINT is … Read the rest
Breaking the Cloud via “some service” is every pentester or red reamer mission. While the Blue team, SecOps, and other security teams struggle to minimize the attack surface area, create friction with attackers, and gain more visibility. The other teams, … Read the rest
If you are interested in artificial intelligence, natural language processing, or cybersecurity, you might have heard of ChatGPT. It is a state-of-the-art language generation model that can produce realistic and coherent text on almost any topic. But what does ChatGPT … Read the rest
