msandbu

The Evolution of RDP RDP is a pretty common protocol, and has been and is still the default way to have remote access to an Windows enviroment and has been a core part of the operating system for many years. RDP as a protocol is based on, and is an extension of, the T-120 family of protocol …

New RDP vulnerabilities – so how can we secure RDP? Read More »

So this is based upon a real-life case where one of my customers had a Linux virtual machine in Microsoft Azure that got compromised and I wanted to use this blogpost to showcase how it was detected and the information that came from Microsoft and what was the reason how it got hijacked. (Really been …

Real-life detection of a virtual machine in Azure with Security Center Read More »

With the release of Azure Virtual WAN, Microsoft now supports SD-WAN functionality of out the box for the “middle-mile” transport. Meaning that traffic from one location to another can benefit of using Azure’s core backbone network to transport data between multiple locations. Azure Virtual WAN does not provide any intelligence on the edge or branch …

Azure Virtual WAN and putting the pieces together Read More »

With the fuzz these these about Windows Virtual Desktop on Azure coming out soon, I’m get a lot of questions around VDI and desktop delivery functionality and how to deliver this from Microsoft Azure, what kind of possibilities do we have? what vendor has the best support? what kind of integrations are possible? and so …

Building VDI Solutions in Azure – What Options do we have? Read More »

This is a study guide for the latest Azure exam, Exam AZ-500: Microsoft Azure Security Technologies. You can read more about the xam here –> https://www.microsoft.com/en-us/learning/exam-az-500.aspx by pasing this exam you get the certification (Microsoft Certified: Azure Security Engineer Associate) Manage identity and access (20-25%) Configure Microsoft Azure Active Directory for workloads create App registration (https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) configure App …

Microsoft Azure Security Technologies AZ-500 Study Guide Read More »

Earlier this week  I wrote about the Norwegian Company Hydro which was affected by ransom and needed to shutdown most of their operations. The ransomware was most likely distributed using Active Directory with Group Policy so it could spread across the organization –> https://msandbu.org/norwegian-hydro-affected-by-ransomware-attack-lockergoga/ also Kevin Beaumont wrote an extensive article on the subject as well –> https://doublepulsar.com/how-lockergoga-took-down-hydro-ransomware-used-in-targeted-attacks-aimed-at-big-business-c666551f5880 So …

Ransomware and moving to Azure AD based Clients Read More »

There has been a lot of great information now the last couple of days regarding Windows Virtual Desktop like the blog post from Bas here –> https://www.basvankaam.com/2019/03/19/the-windows-virtual-desktop-what-we-know-so-far-its-more-than-you-think-65-facts-listed/ still there is some questions that also remained unanswered yet as part of what they are building as part of it. However there is still some information that I wish …

Windows Virtual Desktop in Prevew – What you need to think about! Read More »

With more and more organizations moving towards multi-cloud approach, it often requires some changes in our toolbox to ensure security, governance and compliance across different cloud providers. Within this market there is also a growing set of vendors which want to provide this cross-cloud security ecosystem, such as some I’ve written about previously such as …

Palo Alto Redlock and Public Cloud Threat Defense Read More »