Microsoft released a valuable new Azure feature in December of 2021: custom security attributes. This feature is still in preview. Custom security attributes enable organizations to define new attributes to meet their needs. These attributes can be used to store information or, more notably, implement access controls with Azure attribute-based access control (ABAC). Azure ABAC, which is also in preview, enables an organization to define access rules based on the value of an object’s attribute.
Azure Active Directory holds the keys to your Microsoft 365 kingdom. Responsible for vital functions such as authentication and authorization, Azure AD is ultimately responsible for managing access across the Microsoft cloud ecosystem. For that reason, is the target of many cyberattacks. In this blog post, we will detail the top 5 security best practices to follow to secure your Azure Active Directory and protect your business.
Microsoft recently published two critical CVEs related to Active Directory (CVE-2021-42278 and CVE-2021-42287), which when combined by a malicious actor could lead to privilege escalation with a direct path to a compromised domain. In mid-December 2021, a public exploit that combined these two Microsoft Active Directory design flaws (referred also as “noPac”) was released.
The Splunk Threat Research Team recently updated the Active Directory Lateral Movement analytic story to help security operations center (SOC) analysts detect adversaries executing these techniques within Windows Active Directory (AD) environments. In this blog post, we’ll describe some of the detection opportunities available to cyber defenders and highlight detections from the analytic story.
Dealing with the massive architecture of client-server networks requires effective security measures. Everyone has become painfully aware of all dangerous fishes roaming around the pool of the network, trying to get access to the system. Having a weak password policy is a key vector for attackers to gain system access. However, admins can help protect password security of the wide-reaching network using Group Management Policy (GPO).