by cpboss | Feb 12, 2022 | active directory, Microsoft, Microsoft Security Patching, Organizational Best Practices
Attackers take advantage of weak Active Directory configurations to identify attack paths, access privileged credentials, and get a foothold into target networks. Purple Knight queries your Active Directory environment and performs a comprehensive set of tests against...
by cpboss | Feb 10, 2022 | Microsoft, Microsoft Security Patching
Today is Microsoft’s February 2022 Patch release day and Microsoft has released 51 new patches addressing CVEs in Microsoft Windows and Windows Components, Azure Data Explorer, Kestrel Web Server, Microsoft Edge (Chromium-based), Windows Codecs Library,...
by cpboss | Jan 31, 2022 | AKS Cluster, Azure, Azure IoT Hub, docker, Microsoft
The history of modern containers is long and complicated, going back to the days of the mainframe and then through technologies like Solaris Zones to Linux’s adoption of cgroups as a foundation of its OS-level virtualization features. Those Linux Containers (LXC) were...
by cpboss | Jan 31, 2022 | Azure, Azure IoT Hub, Microsoft
Microsoft just countered a record-breaking 3.47 Tbps DDoS attack on its Azure servers in Asia according to a blog post by the company. That, it says, is the largest mitigated attack in history. According to Azure Networking product manager Alethea Toh, the attack...
by cpboss | Jan 24, 2022 | Azure, Microsoft
A while back, a customer asked me to help inspect what happened to an environment in Azure that got compromised and was used to launch a ransomware attack. Unfortunately, this environment also had a VPN connection between Azure and their existing on-premises data...
by cpboss | Jan 2, 2022 | Azure, Azure IoT Hub, Microsoft
Note:None of the Azure AD Connect v2.x releases are released for automatic upgrade. Manual upgrades are required to gain the new functionality and security levels once you’re on the Azure AD Connect v2 path. What’s Fixed Microsoft addressed a bug in version...
