hi^^ Profile

@collysucker

Followers: 227
Following: 3K
Media: 42
Statuses: 766

Joined June 2009
@collysucker
hi^^
5 days
RT @cyb3rops: Citrix forgot to tell you CVE-2025-6543 has been used as a zero day since May 2025 | by Kevin Beaumont.
doublepulsar.com
A look into what action Netscaler customers need to take ASAP.
@collysucker
hi^^
15 days
. that they are finally working on it and making it transparent. Source: (2/2). #Microsoft #azure #infosec.
@collysucker
hi^^
15 days
Microsoft openly admitting they have not(!) had MFA, network segmentation, least privilege, software lifecycle, jump-servers, asset- and software-inventory etc for Azure PROD for years and they are not there yet. This whole report is just so scary. At the same time, good. (1/2)
@collysucker
hi^^
22 days
Microsoft Azure Portal CVE-2025-53792 CVSSv3.1 9.1. Afaik Microsoft claims the vulnerability was not public and no customer was affected. However Microsoft does not answer if they would have the logs/forensics to answer that. #infosec #azure #microsoft.
@collysucker
hi^^
3 months
RT @malmoeb: I don’t know how many times I’ve discussed this topic before, but due to recent events, I'm bringing it up again: One of our c….
@collysucker
hi^^
3 months
RT @cyb3rops: Windows SMB Client Elevation of Privilege Vulnerability. CVSS Score: 8.8. Attack Vector: Network. Attack Complexity: Low. Privi….
@collysucker
hi^^
3 months
Splunk UseCase for detecting attacks against FortiGate firewalls:. #infosec #splunk #fortigate
@collysucker
hi^^
3 months
CISA guidance for SIEM - with details about which logs to start with, from your AD, EDR, OS, Virtualization, Azure, AWS, GCP, Hardening, etc. Really useful 👍.
cisa.gov
This guidance is intended for organizations seeking to procure SIEM and SOAR platforms. 
@collysucker
hi^^
4 months
RT @cyb3rops: Google just patched a serious ⚠️ vulnerability (CVE-2025-4664) that allows attackers to steal sensitive tokens (like OAuth or….
@collysucker
hi^^
4 months
If it doesn't —> take action (e.g. contact Microsoft support & adjust backup parameters/rethink your disaster recovery process) (3/3). #azure #backup #desasterrecovery.
@collysucker
hi^^
4 months
Azure Backup doesn't show this — it keeps reporting that the backups are "green" (healthy). It's only when you try to restore them that it fails (error). So my tip is to test the Azure region failover with some test systems and then check whether the backup still works. (2/3).
@collysucker
hi^^
4 months
Tip: Test Azure backups & region failover. There is a known issue after an Azure region failover —> backups can become corrupted. That means in the event of a disaster affecting an Azure region, you may have no usable backup, putting you in a doubly bad situation. (1/3) #azure.
@collysucker
hi^^
4 months
RT @DebugPrivilege: I often get asked what to do after running !analyze -v on a kernel memory dump. If you're wondering what steps you coul….
@collysucker
hi^^
4 months
RT @cnotin: Microsoft hardened the Entra ID synchronization feature last year: - restricted permissions on Directory Synchronization Accoun….
tenable.com
Microsoft synchronization capabilities for managing identities in hybrid environments are not without their risks. In this blog, Tenable Research explores how potential weaknesses in these synchron...
@collysucker
hi^^
4 months
RT @DrAzureAD: If you haven't blocked device code authentication flow yet, do it now. Please, just do it! @fabian_bader tells how to do t….
cloudbrothers.info
Deploy a conditional access policy that blocks device code flow
@collysucker
hi^^
4 months
RT @nas_bench: Introducing 🚀Eventlog Compendium 🚀. A new Streamlit app, that aims to be the go-to resource for understanding and playing wi….
@collysucker
hi^^
5 months
RT @olafhartong: Dear @MicrosoftAzure or @azuread teams, can you please make sure the casing of logged items is consistent? Apart from wei….