Build your knowledge of Azure AD conditional access policies
Build your knowledge of Azure AD conditional access policies click here to read full Article Read More on latest Security Updates
Tagged: Azure
Microsoft Azure customer hit by 3.47 Tbps DDoS attack
A Microsoft Azure cloud computing customer in Asia was a victim of a massive 3.47 Tbps DDoS attack (distributed denial of service attack) in November 2021, the software and technology giant Microsoft revealed. click...
Dep-Scan – Fully Open-Source Security Audit For Project Dependencies Based On Known Vulnerabilities And Advisories. Supports Both Local Repos And Container Images. Integrates With Various CI Environments Such As Azure Pipelines, CircleCI, Google CloudBuild
dep-scan is a fully open-source security audit tool for project dependencies based on known vulnerabilities, advisories and license limitations. Both local repositories and container images are supported as input. The tool is ideal for...
Spray365 – a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD)
What is Spray365? Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD). How is Spray365 different from the many other password spraying tools that are...
4-Year-Old Bug in Azure App Service Exposed Hundreds of Source Code Repositories
A security flaw has been unearthed in Microsoft’s Azure App Service that resulted in the exposure of source code of customer applications written in Java, Node, PHP, Python, and Ruby for at least four...
Spray365 – Makes Spraying Microsoft Accounts (Office 365 / Azure AD) Easy Through Its Customizable Two-Step Password Spraying Approach
Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD). How is Spray365 different from the many other password spraying tools that are already available? Spray365...
Why you should plan to upgrade to Azure AD Connect v2 soon
Why you should plan to upgrade to Azure AD Connect v2 soon click here to read full Article Read More on latest Security Updates
XMGoat: Open-source pentesting tool for Azure
XMGoat is an open-source tool that enables penetration testers, red teamers, security consultants, and cloud experts to learn how to abuse different misconfigurations within the Azure environment. click here to read full Article Read...
goEnumBruteSpray – User Enumeration And Password Bruteforce On Azure, ADFS, OWA, O365 And Gather Emails On Linkedin
The recommended module is o365 for user enumeration and passwords bruteforce / spray . Additional information can be retrieved to avoid account lockout, to know that the password is good but expired, MFA enabled,…...
AzureHunter – A Cloud Forensics Powershell Module To Run Threat Hunting Playbooks On Data From Azure And O365
A Powershell module to run threat hunting playbooks on data from Azure and O365 for Cloud Forensics purposes. Getting Started 1. Check that you have the right O365 Permissions The following roles are required...
Microsoft revokes insecure SSH keys for Azure DevOps customers
Microsoft revoked insecure SSH keys some Azure DevOps have generated using a GitKraken git GUI client version impacted by an underlying issue found in one of its dependencies. click here to read full Article...
AutomatedLab – A Provisioning Solution And Framework That Lets You Deploy Complex Labs On HyperV And Azure With Simple PowerShell Scripts
AutomatedLab (AL) enables you to setup test and lab environments on Hyper-v or Azure with multiple products or just a single VM in a very short time. There are only two requirements you need...
‘OMIGOD’ vulnerabilities put Azure customers at risk
‘OMIGOD’ vulnerabilities put Azure customers at risk click here to read full Article Read More on latest Security Updates
Critical Flaws Discovered in Azure App That Microsoft Secretly Installed on Linux VMs
Microsoft on Tuesday addressed a quartet of security flaws as part of its Patch Tuesday updates that could be abused by adversaries to target Azure cloud customers and elevate privileges as well as allow for remote...
'Azurescape': New Azure vulnerability fixed by Microsoft
'Azurescape': New Azure vulnerability fixed by Microsoft click here to read full Article Read More on latest Security Updates
Microsoft warns Azure customers of flaw that could have permitted hackers access to data
In a blog post from its security response team, Microsoft said it had fixed the flaw reported by Palo Alto Networks and it had no evidence malicious hackers had abused the technique. click here...
