@vysecurity @shad0wbits @k0s1337 We have to assume they dont know, which is why it's essential in the presales/scoping face that we make the customer aware of the difference, imo :-)
@vysecurity @shad0wbits @k0s1337 Then the problem is not the jobs done, but the name of the service and the agreed scope of the assignment. The above should then be called a Vulnerability Scanning, and the customer should be aware of the difference.
Any other known attacks and hacks involving Azure/M365 just like the targeted delegated administrative the NOBELIUM group performed? Could use some inspiration for a customer talk/workshop on current cloud threats and ttps #Cloudsecurity#cloudttps#cloudattacks
Do you have your head in the clouds when it comes to data security? Assuming your cloud service provider fully handles your data’s security is a common mistake. Evaluate your security posture with an Azure AD Security Analysis. https://t.co/xm6RRM9I4n
A bit disappointed that the Microsoft global banned password list for Azure AD Password Protection doesn't include pwds such as "SummerSummerSummer22" and alike. Am I misinterpreting something here? #Microsoft#MicrosoftSecurity#aadpasswordprotection