Uncloaking dangerous and default configurations within Azure. There are several default configurations within the admin portal of Azure. The main affected area is Azure Active Directory (Azure AD) which is the primary area that controls …
Continue readingMonth: August 2021
Cobalt Strike, a Defender’s Guide
Intro The Ryuk threat actors went from a phishing email to domain wide ransomware in 5 hours. They escalated privileges using Zerologon (CVE-2020-1472), less than 2 hours after the initial … Read More https://thedfirreport.com/2021/08/29/cobalt-strike-a-defenders-guide/
Continue reading