Earlier this month I came across an article covering a recent development in malware scanning in MS365.
While putting a file in a password-protected Zip archive has been a traditional method of bypassing malware filtering (often with good reason), the changes in how Microsoft scans files traversing their services has made this no longer reliable.
Earlier this year Microsoft announced the retirement of Microsoft 365 Security Administrator certification (commonly known by its exam designation MS-500). This wasn't a surprise as the content was generally replaced by the newer specialty certifications and the SC line of exams.
However I was surprised to find that Microsoft also retired the Microsoft 365 Enterprise Administrator syllabus and exams, and its replacement is far more security focused than before.
As many of us now work remotely, and have many devices of various trust in our homes, there has been a good use case for keeping them separate. Turns out, this can be quite easy to accomplish on inexpensive network equipment.
Following from the prior post discussing MFA use cases and bypasses, this post expands on the prior article and adds further ideas on protecting your users' identities.
Ever since Multi Factor Authentication (MFA) started gaining popularity as a means to limit the usefulness of stolen credentials, it was only a matter of time before attackers adapted to the new reality (as demanded by the Red Queen Effect).
In this article I look at common MFA methods that are not phishing resistant, as well as a recent attack that bypasses MFA.
Check the follow-up post for a different take on bypassing MFA and the resulting implications.
Following from the prior post discussing Azure security and networking, I felt that additional coverage of Azure Network Security Groups was needed, as it is not the most obvious topic (and the design is quite different from how AWS does it).
I'd recently renewed my Azure Network Engineer certification, and it's good to see how much of the syllabus is still highly relevant from a cloud security angle. From a certain perspective, it's a stepping stone to the Azure Security Engineer certification (AZ-500), and a good check for useful knowledge.
In case you may not have heard of Static Site Generators (SSGs), they offer a very cost effective (often free) way to create a website.
However, using SSGs introduces certain feature and security considerations.
Recently I completed the course materials for CloudBreach's "Breaching Azure" and took the lab exam, obtaining their "Offensive Azure Security Professional" (OASP) certification. Microsoft's Azure and security certifications focus on building and defending cloud services, not trying to bypass defenses, making this certification quite different.