Security Vulnerability Revealed in Azure Active Directory Connect
The existence of a new and potentially serious privilege escalation and password reset vulnerability in Azure Active Directory Connect (AADC) was recently made public by Microsoft....
View ArticleCloud Security Research: Cross-Cloud Adversary Analytics
Newly published research from security firm Rapid7 is painting a worrying picture of hackers and malicious actors increasingly looking for new vectors against organizations with resources hosted in...
View ArticleSocial Engineering Is A Threat To Your Organisation
Of the many attacks, hacks and exploits perpetrated against organisations. One of the most common vulnerabilities businesses face and need to guard against is the result of the general goodness or...
View ArticleWindows 10 Domain Join + AAD and MFA Trusted IPs
Background Those who have rolled out Azure MFA (in the cloud) to non-administrative users are probably well aware of the nifty Trusted IPs feature. For those that are new to this, the short version...
View ArticleProtect Your Business and Users from Email Phishing in a Few Simple Steps
Phishing attacks attempt to trick a victim into performing an unwitting action in order to steal sensitive information from them. This form of attack is generally conducted by means of spoofed emails...
View ArticleSSL Tunneling with socat in Docker to safely access Azure Redis on port 6379
Redis Cache is an advanced key-value store that we should have all come across in one way or another by now. Azure, AWS and many other cloud providers have fully managed offerings for it, which is...
View ArticleStatic Security Analysis of Container Images with CoreOS Clair
Container security is (or should be) a concern to anyone running software on Docker Containers. Gone are the days when running random Images found on the internet was common place. Security guides for...
View ArticleAutomatic Key Rotation for Azure Services
Securely managing keys for services that we use is an important, and sometimes difficult, part of building and running a cloud-based application. In general I prefer not to handle keys at all, and...
View ArticleCreating Azure Storage SAS Tokens with ARM Templates
Shared access signatures, sometimes also called SAS tokens, allow for delegating access to a designated part of an Azure resource with a defined set of permissions. They can be used to allow various...
View ArticleZero-Touch BitLocker with PowerShell
The majority of IT engineers and architects traverse various forms of security on a daily basis ranging from our complex alphanumeric corporate logon passwords to the increasingly common MFA prompts on...
View Article
