Select Page
Errors on a pull request blocking a merge

Getting Started with Testing Infrastructure Code

Hi, my name is Bernie White, I am a Premier Field Engineer at Microsoft. Today I’d like to show you how you can get started with testing infrastructure code using an open source project called PSRule within Azure Pipelines. Within ... continue reading
Image: Initial Access Execution Persistence Privilege Escalation Defense Evasion Credential Access Discovery Lateral Movement Impact Using Cloud credentials Exec into container Backdoor container Privileged container Clear container logs List K8S secrets Access the K8S API server Access cloud resources Data Destruction Compromised images in registry bash/cmd inside container Writable hostPath mount Cluster-admin binding Delete K8S events Mount service principal Access Kubelet API Container service account Resource Hijacking Kubeconfig file New container Kubernetes CronJob hostPath mount Pod / container name similarity Access container service account Network mapping Cluster internal networking Denial of service Application vulnerability Application exploit (RCE) Access cloud resources Connect from Proxy server Applications credentials in configuration files Access Kubernetes dashboard Applications credentials in configuration files Exposed Dashboard SSH server running inside container Instance Metadata API Writable volume mounts on the host Access Kubernetes dashboard Access tiller endpoint

Attack matrix for Kubernetes

Kubernetes, the most popular container orchestration system and one of the fastest-growing projects in the history of open source, becomes a significant part of many companies’ compute stack. The flexibility and scalability of containers encourage many developers to move their ... continue reading

How to provision a Linux SQL Server Virtual Machine in Azure

You’re an existing SQL Server customer and are looking to explore the fast-growing Linux operating system. Whether on-premises or in the cloud, Microsoft has you covered. With SQL Server 2017, and now SQL Server 2019, SQL Server is available on ... continue reading
PowerShell Basics: How to Encrypt Azure Linux VMs

PowerShell Basics: How to Encrypt Azure Linux VMs

Disk encryption is a basic data protection method for physical & virtual hard disks. It falls under physical data security and it prevents data breaches from stolen hard disks (physical & virtual). Similar to on-premises Windows servers and computers, we ... continue reading

Announcing PowerShell 7.0

Today, we’re happy to announce the Generally Available (GA) release of PowerShell 7.0! Before anything else, we’d like to thank our many, many open-source contributors for making this release possible by submitting code, tests, documentation, and issue feedback. PowerShell 7 ... continue reading

SMB is Dead, Long Live SMB!

Hello again, James Kehr here with another guest post. Titles are hard to do. They must convey the topic to the reader while being both interesting and informative, all at the same time. Doing this with a technical article makes ... continue reading

New Microsoft Security innovations and partnerships

Today on the Official Microsoft Blog, Ann Johnson, Corporate Vice President of the Cybersecurity Solutions Group, shared how Microsoft is helping turn the tide in cybersecurity by putting artificial intelligence (AI) in the hands of defenders. She announced the general ... continue reading
Routes

Configuring Azure Linux VM to work with VPN Client

As we move towards a more secure world Virtual Private Networks (VPNs) has become more popular as people try to protect their data going over the internet. But installing a VPN client on the OS level of an Azure Linux ... continue reading

Learning from cryptocurrency mining attack scripts on Linux

Cryptocurrency mining attacks continue to represent a threat to many of our Azure Linux customers. In the past, we've talked about how some attackers use brute force techniques to guess account names and passwords and use those to gain access ... continue reading
Hyper-V for Developers on Windows 10

Hyper-V for Developers on Windows 10

Hyper-V is more known as a server virtualization technology; however, since Windows 8, it is also available in the client operating system. In Windows 10, Microsoft improved the experience drastically to make Hyper-V an excellent solution for developers and IT ... continue reading