If you are managing an enterprise, you will undoubtedly encounter malicious emails targeting your end users. Ideally, you could delete these messages from within your end users’ mailboxes. Normally, this is a premium feature, but if you have configured your G-Suite environment to use PSGSuite, it can be accomplished with some pretty basic scripting…
Category: Cybersecurity
Cloud – Synchronizing Disablements Between Federated Domains (Azure, Google)
When configuring provisioning between Azure and Google federated domains, you will likely reference Microsoft’s documentation on configuring their canned provisioning Enterprise Application at https://learn.microsoft.com/en-us/entra/identity/saas-apps/g-suite-provisioning-tutorial. There is more information here as well: https://learn.microsoft.com/en-us/entra/identity/app-provisioning/configure-automatic-user-provisioning-portal. The procedure outlined here will get you started; however, you will quickly realize that disablements are not synchronizing between the two platforms. I…
Linux – Configure Debian to Authenticate w/ Active Directory
A unique problem recently presented itself: how to allow multiple users to access a Linux VM in a secure fashion. Generic user accounts seemed like a poor idea to me, as they would likely end up being mismanaged. And shared accounts are, of course, a terrible idea. So, what to do? Well, I am, of…
Azure – Malicious Authentication Emulation and Mitigation
The attack surface of a cloud tenant should get a lot of consideration. It is important to understand that some legacy protocols, like SMTP, are not capable of accommodating multifactor authentication; and, although they are largely being deprecated, we may still see them in use. Attackers are particularly fond of these legacy protocols, as they…
Thoughts on Obfuscation of Botnet C2 Communications
This afternoon, while mountain biking, I was listening to a cybersecurity podcast about botnets. The gentleman on the episode was discussing detection of unknown botnets by looking at recurring patterns from the level of a dynamic DNS provider. A provider like this has incredible insight into web traffic on a global scale. The man described…