For most of 2019, I was digging into Office 365 and Azure AD and looking at features as part of the development of the new Trimarc Microsoft Cloud Security Assessment which focuses on improving customer Microsoft Office 365 and Azure AD security posture. As I went through each of them, I found one that was …
Category: TheCloud
Feb 03 2015
Configuring Two-Factor Authentication for Web (Cloud) Services
Don’t want your web (cloud) account password to get hacked? Enable Two-Factor Authentication (aka two-step verification)! Google Account: Visit this site and follow the instructions to configure your cell phone as a second factor Step 1: You’ll enter your password Whenever you sign in to Google, you’ll enter your password as usual. Step 2: You’ll …
Oct 04 2014
US-Based Azure VMs With Static IP May Get Foreign IP Addresses
Interesting side-effect of the enormity of the infrastructure behind a public cloud service. Some Azure customers may have noticed that for a VM deployed in a US region, when they launch a localized page on a web browser it may redirect them to an international site. The following explains why this may be happening. Potential …
Oct 03 2014
XEN Hypervisor Vulnerabilities
And you were wondering why Amazon had rolling reboots of EC2 recently… From the Whitepaper “FROM RING 3 TO RING0: EXPLOITING THE XEN X86 INSTRUCTION EMULATOR” (bitdefender): ABSTRACT While a VMM can provide a considerable level of security by isolation, it is generally true that by increasing the code-base that runs on a given host …
Recent Comments