10 years ago, I wrote my first book together with Packt Publishing, today I’m happy to announce that I’m started working on a new book project together with them. The title will be “Windows Ransomware Protection and Detection“, the content of the book will be focused on: * What is ransomware? giving real-life examples of […]
New Book Project: Windows Ransomware Protection and Detection Read More »
A while back, a customer asked me to help inspect what happened to an environment in Azure that got compromised and was used to launch a ransomware attack. Unfortunately, this environment also had a VPN connection between Azure and their existing on-premises data center which also meant that their entire infrastructure got compromised eventually…. Now
Threat Hunting in Microsoft Azure Read More »
With Azure Kubernetes Service, Microsoft is constantly developing the service to follow the release cycle of Kubernetes, with an updated version coming every 3. months it means that it requires a lot of upgrading of the Kubernetes instances to be on a supported version. Microsoft has a list here of the release calendar Supported Kubernetes versions
Upgrade Azure Kubernetes Service using Terraform Read More »
So, what is a Kubernetes Operator? it is software extensions to Kubernetes to provide it with the ability to provision resources or changes outside of the cluster. Think about the ability to provision resources in a cloud provider but as Kubernetes resources instead of using other means to build resources. Consider that Kubernetes can be
Getting started with Azure Operator for Kubernetes Read More »
If you are using Azure Kubernetes Service you will also in many cases, be using Container Insights in combination with Kubernetes Cluster audit data, which allows for deeper insight into your Kubernetes environment and containers. However, with the default settings, Container Insight and Kubernetes Audit is a data-hungry demon it seems. If you have a
Customize Azure Kubernetes Service Diagnostics for Azure Log Analytics Read More »
Many Exchange admins woke up today and seeing that Exchange is no longer processing emails. This is because Microsoft Filtering Management Service is stopping because it cannot handle the new date format. The reason for this is because Microsoft is using a signed int32 for the date and with the new value of 2.201.010.001 is
Trouble with Exchange in 2022 – Cannot Convert 220101001 to long Read More »
UPDATE Post: 29/12/2021 In 2021 we have seen a higher increase in ransomware attacks, where companies are faced with their systems and data becoming encrypted and forcing them to pay a ransom to get access back to their data. Seeing an increased number of organizations targeted daily. You can monitor much of the activity just by watching
Protection against Ransomware – 2021 Read More »
NB: Updated constantly Here is a summary of what Microsoft had of information https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ * Over a period of the last 4 months, the library has been downloaded 28.6 million. * Ingenuity, the Mars 2020 Helicopter mission, is powered by it. * On Friday alone there were about 840,000 endpoints that were running a vulnerable instance based
Log4Shell – Log4J CVE-2021-44228 Vulnerability Read More »
Last week, Microsoft had an issue with an ISP in Norway which affected the availability of Azure and Office 365 services for Norwegian customers without it being reflected in any of the Azure Status Pages. Therefore, I wanted to provide an “outside” view of the availability of the different Azure services to give me a
Monitoring availability of Microsoft Azure and Office 365 Read More »
How does your data get encrypted within Microsoft Azure? How can I ensure that my data is safe on a cloud provider? Lately, I’ve been working with a lot of customers asking about how we can ensure that data is encrypted and to what extent data is encrypted? When moving to a cloud-based environment and
Encrypting of Data within Microsoft Azure Read More »
