AZ-500 Study Guide: Microsoft Azure Security Technologies 2021

يك منبع خوب براي ادرس دهي سرفصل هاي دوره ترند و جذاب امنيت آژور ابري

The content of the AZ-500 Microsoft Azure Security Technologies exam was just updated in January 2021. That is why I want to share my new updated AZ-500: Microsoft Azure Security Technologies Certification Exam Study Guide for 2021 with you.  If you are passing the AZ-500 exam, you will earn the Microsoft Certified: Azure Security Engineer Associate certification, that you understand how to implement security controls and threat protection; manage identity and access; and protect data, applications, and networks in cloud and hybrid environments as part of end-to-end infrastructure
https://www.thomasmaurer.ch/2020/05/az-500-study-guide-microsoft-azure-security-technologies-2021/


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.17

در سلوک قرآنی، تو باید از هفت موقف بگذری.
این هفت موقف را می توانی در هفت آیه سوره ی "حمد" ببینی.
حرکت از پایین به بالاست.

از هفتمین آیه، تا اولین آن.
یعنی از "ضالّین" (گمگشتگان) تا خود "بسم الله الرحمن الرحیم".

تو با این سیر، از تاریکی به نور، از جهل به آگاهی، و از رنج به رحمت مطلق نائل می شوی.
این عروجی از اسفل به اعلی❤️ است.

ابتدا به گمگشتگی ات واقف و خود را ازسیطره ی غضب شدگان می رهانی و به حوزه ی اهل نعمت وارد می کنی
آنگاه هدایت الهی را تسلیم وار می پذیری، سپس از چندگانگی رها، و فقط یگانگی را پاس میداری
قیامتت در آیه ی چهارم برپا می شود
آنگاه رحمت واسعه تو را پذیرا شده و پس از این پیروزی، سرشار از "حمد" به پروردگار جهانیان میگردی، و همو مهربانانه تو را به مرجع اصلی ات، واصِل می نماید.
این است سیر "اِنّا لِله و اِنّا اِلَیهِ راجِعُونَ".
همه از خداییم و به سوی خدا بازمیگردیم

http://www.coca.ir/wp-content/uploads/2019/04/babel-music.mp3


- دمت گرم تو هستي24/7
، سرت سلامت يا هو-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.17

https://m365internals.com/2021/07/05/why-are-windows-defender-av-logs-so-important-and-how-to-monitor-them-with-azure-sentinel/amp/


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.17

If your super new to Hacking and want to learn how to get started ? Just sign up to Tryhackme and keep working on from fundamentals hands on

https://tryhackme.com/signup?referrer=1ccc5534746cbb252bb294b80df1ce7c7ebe2037


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.17

https://www.xmind.net/m/8Hkymg/


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.17

[#PacktPub] Microsoft Azure Administrator – Exam Guide AZ-103

WARNING — Microsoft's emergency patch update for the PrintNightmare RCE exploit fails to fully address the Windows vulnerability & can be bypassed in certain scenarios, allowing attackers to execute arbitrary code on infected systems.

Details: https://thehackernews.com/2021/07/microsofts-emergency-patch-fails-to.html


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.17

Phishing links (T1566.002) are still one of the most used initial access techniques. A long time ago, I wrote a blog about how to analyze URLs that users click inside the Outlook app with Sysmon.
Hunting Phishing URLs in Emails with Sysmon
Being an important attack vector, phishing emails are hard to detect. Thanks to Microsoft Sysmon, we can track or detect…
mergene.medium.com
In this post, I’ll explain how to extract those URLs with KQL and perform threat hunting. Since the new attacks are evolved and a phishing link can be inside a PDF or a Word file, I’ll cover Office, PDF, and other apps as well.

https://posts.bluraven.io/hunting-for-phishing-links-using-sysmon-and-kql-e87d1118ce5e


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.17

SideCopy cyber-espionage APT group—potentially linked to Pakistan—has been observed increasingly targeting Indian government personnel with as many as 4 new custom remote-access #malware.
Details: https://thehackernews.com/2021/07/sidecopy-hackers-target-indian.html

Cybersecurity researchers uncovered a new ongoing cyberespionage campaign targeting corporate networks with malware in Spanish-speaking countries, specifically Venezuela, to spy on their victims.

How to Mitigate Microsoft Print Spooler Vulnerability – PrintNightmare (CVE-2021-34527)
https://thehackernews.com/2021/07/how-to-mitigate-microsoft-print-spooler.html
Read: https://thehackernews.com/2021/07/experts-uncover-malware-attacks.html


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.17

“Security and development teams need to discuss standards for languages and frameworks to make sure risk is acceptable before deployment.”


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.17

امنيت انفرادي نيست، تيم محور است.


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.17

مركز عمليات امنيت شما در چه وضعيتي هست!؟اصلا كمكي به تداوم امن كسب و كار شما داشته!؟آيا پيش نياز هاي آن را در نظر گرفتيد!؟الان كه اين مركز در سازمان شما وجود دارد،نسبت به قبل چه متريك هاي اثر بخشي را ميتوانيد مديريت كنيد!؟


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.17

“Today, organizations can build in security as an integrated part of the migration to IaaS services, optimizing security processes so they can be extended to work seamlessly across both local and external services.”


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.17

WATCH OUT!

Hackers have been found to use a new technique to completely disable macro security warnings in Office files—without requiring user interaction—and infect victims' computers with malware.

Read: https://thehackernews.com/2021/07/hackers-use-new-trick-to-disable-macro.html


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.18

Red Team Tactics
1. Open-Source PE Packer
https://iwantmore.pizza/posts/PEzor4.html
]-> https://github.com/phra/PEzor
2. XNU IPC - Mach messages
https://dmcyk.xyz/post/xnu_ipc_i_mach_messages
3. Avoiding Fork&Run .NET Execution With InlineExecute-Assembly
https://securityintelligence.com/posts/net-execution-inlineexecute-assembly
]-> Beacon Object File PoC:
https://github.com/xforcered/InlineExecute-Assembly

Blue Team Techniques
API Security Need to Know:
Top 5 Authentication Pitfalls
https://www.cequence.ai/blog/api-security-need-to-know-top-5-authentication-pitfalls

Threat Research
CVE-2021-28474:
SharePoint RCE via Server-Side Control Interpretation Conflict
https://www.zerodayinitiative.com/blog/2021/7/7/cve-2021-28474-sharepoint-remote-code-execution-via-server-side-control-interpretation-conflict

Cloud Security
REST API Fuzz Testing (RAFT):
Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows
https://github.com/microsoft/rest-api-fuzz-testing


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.18

ما برق نداریم یکی‌تون تلوزیون رو روشن کنه ببینه صداوسیما در مورد مزیت‌های رفتن برق داره چی میگه؟


-😨-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.18

https://github.com/cado-security/DFIR_Resources_REvil_Kaseya/


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.18

WLAN Security
1. Reverse Engineering WiFi Driver on RISC-V BL602
https://lupyuen.github.io/articles/wifi
2. Dumping and extracting the SpaceX Starlink User Terminal firmware
https://www.esat.kuleuven.be/cosic/blog/dumping-and-extracting-the-spacex-starlink-user-terminal-firmware

Malware analysis
1. A machine learning approach to inferring the maliciousness of unknown IP addresses, autonomous systems, and ISPs👍🏽
https://ai.sophos.com/2021/05/10/using-ai-to-detect-malicious-ip-addresses-clusters
2. WildPressure macOS Trojan
https://securelist.com/wildpressure-targets-macos/103072


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.18

براي هر هدفي برنامه لازمه +همت و پشتكار+علاقه بولد👍🏽✌🏼


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.18

قيمت هاي پرت كم نيست در حوزه امنيت اما،
ا م ا
اگر قيمت رو پايين دادن بدونيم كيفيت هم در قسمت اعظم اين كيس ها سقوط كرده😀

براي هر موضوعي ميتوان قيمت مشخص و حدودي معقول با برآورد كارشناس نفر ساعت و تخصصي بودن موضوع تخمين زد.


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.18

كلي انرژي رفت و برگشت براتون آرزو ميكنم، اونم با كليد واژه هاي محبوب شما
كه حال ادم و ميسازه، 😁✌🏼دم و بازدم'


‎-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.18