• HOME

  • BLOG

  • ABOUT

  • More...

    Use tab to navigate through the menu items.

    DANA ON DATA

    • All Posts
    • General
    • Industry
    • Security
    • Software Engineering
    • Azure
    • KnowOps
    Search
    Automatically privesc to root in pwncat using pwnkit
    Dana Epp
    • Feb 12
    • 1 min

    Automatically privesc to root in pwncat using pwnkit

    I released a custom pwnkit module for pwncat that automatically exploits CVE-2021-4034 to priv esc to root. Enjoy!
    Why security research in the MSP space is abysmal
    Dana Epp
    • Feb 10
    • 8 min

    Why security research in the MSP space is abysmal

    Security research in the MSP space is abysmal. Huntress is going to have a hard uphill battle getting vendors to participate in bug bounties
    How to detect when emergency accounts are used in Azure AD
    Dana Epp
    • Feb 20, 2020
    • 1 min

    How to detect when emergency accounts are used in Azure AD

    So in the latest episode of #KnowOps I help a community member out by showing how to setup Azure to detect and alert when emergency...
    How to secure your Azure storage accounts properly
    Dana Epp
    • Feb 13, 2020
    • 1 min

    How to secure your Azure storage accounts properly

    Azure relies heavily on Azure Storage. From your VM disks to your application queues, chances are you have sensitive data already saved...
    How to restrict network access to Azure Key Vault
    Dana Epp
    • Feb 6, 2020
    • 1 min

    How to restrict network access to Azure Key Vault

    So in this week's episode of #KnowOps I help answer the question on how to lock down Internet access to your Azure Key Vault through the...
    Azure Fundamental for Ethical Hackers and Special Ops Team
    Dana Epp
    • Feb 2, 2020
    • 1 min

    Azure Fundamental for Ethical Hackers and Special Ops Team

    Fellow MVP and ethical hacker Nino Crudele has released an awesome free whitepaper on the Azure Fundamental for Ethical Hackers and...
    Recon your Azure resources with Kusto Query Language (KQL)
    Dana Epp
    • Dec 6, 2019
    • 1 min

    Recon your Azure resources with Kusto Query Language (KQL)

    Latest episode of #KnowOps is out. I introduce you to how I sift through millions of records of audit data in Azure in a matter of...
    Is your data secure in Azure?
    Dana Epp
    • Oct 30, 2019
    • 1 min

    Is your data secure in Azure?

    Recently I have had the opportunity to engage with peers on social media about how secure their data is in Azure. It brought up some...
    Are you ready for Azure Bastion?
    Dana Epp
    • Sep 28, 2019
    • 1 min

    Are you ready for Azure Bastion?

    Azure Bastion is a new managed PaaS service that provides seamless RDP and SSH connectivity to your virtual machines over Secure Sockets...
    Azure Security Center for IoT goes GA
    Dana Epp
    • Sep 4, 2019
    • 1 min

    Azure Security Center for IoT goes GA

    Can't believe I missed this, but Azure Security Center for IoT went GA recently. If you aren't aware of what it is, Azure Security Center...
    Azure Security Lab: a new space for Azure research and collaboration
    Dana Epp
    • Aug 25, 2019
    • 1 min

    Azure Security Lab: a new space for Azure research and collaboration

    Now this is interesting... Microsoft has setup a set of dedicated cloud hosts for security researchers to test attacks against IaaS...
    Microsoft says that Cloud Service Providers (CSP) need to use MFA, and I agree
    Dana Epp
    • Jul 18, 2019
    • 1 min

    Microsoft says that Cloud Service Providers (CSP) need to use MFA, and I agree

    Last month I read an interesting article from Krebs on Security about the fact that Microsoft will be forcing Cloud Service Providers...
    The Azure Security Architect Map
    Dana Epp
    • Jul 5, 2019
    • 1 min

    The Azure Security Architect Map

    Following up from The Azure Solution Architects Map I talked about last time, I was pleasantly surprised to find that Stephane published...
    DHS Statement: MSPs and IT Consultants Weaken Office 365 Security
    Dana Epp
    • Jun 4, 2019
    • 1 min

    DHS Statement: MSPs and IT Consultants Weaken Office 365 Security

    A couple of weeks ago the Department of Homeland Security published an Analysis Report (AR19-133A) on Microsoft Office 365 Security...
    Azure AD abolishes its 16 char limit for passwords!
    Dana Epp
    • May 15, 2019
    • 1 min

    Azure AD abolishes its 16 char limit for passwords!

    It's about time. Today, Microsoft announces that they have changed the 16 character limit for Azure AD passwords, allowing you to set a...
    6 Ways to Pass Secrets to ARM Templates
    Dana Epp
    • May 1, 2019
    • 1 min

    6 Ways to Pass Secrets to ARM Templates

    I saw an interesting post from Justin Yoo on 6 Ways Passing Secrets to ARM Templates today. In the article, he provides details on six...
    Holy cow, STRIDE is now 20 years old! Long live STRIDE.
    Dana Epp
    • Mar 29, 2019
    • 1 min

    Holy cow, STRIDE is now 20 years old! Long live STRIDE.

    The invention of STRIDE was the key inflection point in the development of threat modeling from art to engineering practice. I saw an...
    Microsoft releases 'Azure Security Engineer Associate' certification
    Dana Epp
    • Mar 18, 2019
    • 1 min

    Microsoft releases 'Azure Security Engineer Associate' certification

    I've been asked several times where someone new to Azure should start when it comes to Azure security. There are plenty of posts here...
    Is Azure Sentinel a good thing for the cloud?
    Dana Epp
    • Mar 9, 2019
    • 1 min

    Is Azure Sentinel a good thing for the cloud?

    So a few weeks ago Microsoft announced Azure Sentinel, their new cloud-base SIEM system. Security Information and Event Management (SIEM)...
    Cool enhancements to the Azure AD combined MFA and password reset registration experience
    Dana Epp
    • Feb 23, 2019
    • 1 min

    Cool enhancements to the Azure AD combined MFA and password reset registration experience

    Yesterday Microsoft announced a set of fantastic enhancements—based on your feedback—to the public preview of our combined registration...
    1
    2345

    DANA ON DATA

    © 2020 by Dana Epp

    • White Twitter Icon
    • LinkedIn - White Circle