Strategic Chinese Ambitions with TikTok Since I first posted this, 18 Sept 2020, the Chinese PLA have since posted this video online, showing them carrying out a nuclear attack against the United States. China reportedly
Offensive Security Harvested Credentials in Kali One of the biggest points of confusion I hear is that Azure Advanced Threat Protection is only applicable to Windows. That is not true. I also hear that “credential theft”
Security Hygiene Azure ATP Advanced Audit Policies Advanced Threat Analytics (ATA) v1.8 added new capabilities to monitor
Strategic CISO Matrix There is bias in every decision? Too much in any direction is not a good thing. I’ve supported a lot of cyber operations, product procurements, product deployments. I’ve
Incident Response Iceberg Affect How well do you pull the strings on the IOCs during an investigation? In cybersecurity, especially in the Digital Forensics Incident Response (DFIR) space, the “Iceberg Effect” plays a detrimental
Identity Smartcards and Pass-the-Hash Why is this a really bad combination, unless you make a critical change to a policy you probably didn't know about... Also, don't be fooled, SmartCard is only feasible for
Azure Securing Azure Storage A customer recently asked me “how do I discover Azure Storage accounts that are open?” First off, we need to define what “open” means. Does this mean “route-able from the
DevOps ARM and DSC Tips I’m new to Azure Resource Management (ARM) and Desired State Configuration (DSC), albeit not new to JSON or PowerShell. I recently had the task to migrate our Azure Security
Incident Response A necessary component to any Cyber Incident Response: Containment Incident Response and Containment. Anyone who does Incident Response (IR), or any Digital Forensics Incident Response (DFIR) process knows that collecting Indicators of Compromise (IOC) is only half the story. Eventually,