Cyber Defense Advisors

Azure Security

Posts on Azure Security by Teri Radichel

This is a compilation of my posts on Azure Security. Although I teach Azure Security classes, I prefer to use AWS most of the time when I’m doing security assessments and penetration testing. I have a lot more posts on AWS Security for that reason. But right now I’m teaching an Azure class so expect a few more Azure posts for a minute. Also, most of the concepts I write about on AWS Security can be translated to Azure Security. Maybe someday I’ll get around to writing about that translation.

Hacker as Cloud Customers

This post explains how attackers used AWS and Azure in the Solar Winds breach.

Hackers as Cloud Customers

Solar Winds Breach Retrospective: Part 3

This post explains how Azure features such as MFA and Conditional Access might have prevented the Solar Winds Breach that basically took over Azure accounts. It also explains how understand who can grant application permissions in an Azure account is very important.

SolarWinds Hack: Retrospective

Azure for Auditors

This is a presentation given about Azure to Auditors to explain what to look for on an Azure Audit or security assessment. New tools exist now in Azure that did not exist at the time of this presentation.

https://medium.com/media/16074d5ea3c3fedf8d977c0e5b7a44cd/href

Azure Security Assessments

Tanja Janca (SheHacksPurple) and I gave this presentation at Microsoft Build, OWASP AppSec day in Melbourne, Australia, on her podcast, and the presentation went to DefCon but I opted out of that one.

https://medium.com/media/784c659aae32ccc790c29a3c36b189a4/href

Cloud Security Presentations

Many of my general cloud security presentations are applicable to Azure.

Teri Radichel

When the Cloud Runs Out of VMs

Related to the issues with Azure support, at one point I could not create a VM. Any VM. I contacted Azure support but I already told you how that went. Hopefully this is resolved now as people all over the world seemed to be having this problem at the time. This is a security problem because if you have an application with a vulnerability and need to deploy a VM and can’t — you have a denial of service issue. I did find a workaround described in this post.

When the cloud runs out of VMs

Prevent Azure Uses from Creating New Tenants

In this post I reviewed a new Azure feature that is supposed to disallow users from creating new tenants. I found some interesting behavior when testing it.

Prevent Azure Users from Creating Tenants (Maybe)

Azure Support Diary (or Diatribe)

This is probably too boring to read in full but I documented my experience with Azure support for about an 8 week period. It was frustrating, but I hope by documenting it some of this got fixed. The biggest problems are:

#1. Azure Support sends things in email outside the support portal so they can’t be properly tracked.

#2. Azure support wasn’t looking at screenshots I uploaded.

#3. Constantly replies on tickets after I request to close them and couldn’t close them myself.

#4. Went around in circles for something that didn’t work for weeks before they finally admitted it was a bug. I also found and reported other bugs.

There’s more but those were the most egregious problems. I really hope this helped and some of these things got fixed because I have had these problems since Day 1 using Azure and it’s why I generally don’t pay for support. I end up resolving most of my problems on my own. If you can’t get the support you need when you need it, this could be a security problem. I presume larger companies that spend a lot more than I do get better support. 🙂

Azure Support Diary (or Diatribe)

Most of the posts I’ve written for other cloud environments in terms of attack vectors, architectures, and security controls are applicable in Azure. You would just implement them with Azure-specific constructs.

Cloud Security Architecture

Follow for updates.

Teri Radichel

If you liked this story please clap and follow:

******************************************************************

Medium: Teri Radichel or Email List: Teri Radichel
Twitter: @teriradichel or @2ndSightLab
Requests services via LinkedIn: Teri Radichel or IANS Research

******************************************************************

© 2nd Sight Lab 2022

____________________________________________

Author:

Cybersecurity for Executives in the Age of Cloud on Amazon

Need Cloud Security Training? 2nd Sight Lab Cloud Security Training

Is your cloud secure? Hire 2nd Sight Lab for a penetration test or security assessment.

Have a Cybersecurity or Cloud Security Question? Ask Teri Radichel by scheduling a call with IANS Research.

Cybersecurity & Cloud Security Resources by Teri Radichel: Cybersecurity and Cloud security classes, articles, white papers, presentations, and podcasts

Azure Security was originally published in Cloud Security on Medium, where people are continuing the conversation by highlighting and responding to this story.

Related Post

  • by
  • September 19, 2024

This Windows PowerShell Phish Has Scary Potential

Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who

Cyber News
  • by
  • September 19, 2024

Wherever There’s Ransomware, There’s Service Account Compromise. Are

Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the

Cyber News
  • by
  • September 19, 2024

Hackers Exploit Default Credentials in FOUNDATION Software to

Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from

Cyber News
  • by
  • September 19, 2024

FBI Shuts Down Chinese Botnet

The FBI has shut down a botnet run by Chinese hackers: The botnet malware infected a number of different types

Cyber News