Following on from my last post, my new post is now live! This post focuses on how to quickly configure the ingestion of Windows server event logs into Sentinel from non-Azure VMs using Azure Arc. More posts to follow on everything Sentinel :) https://lnkd.in/eiGb-pUk #MicrosoftSentinel #CyberSecurity
Gennaro Migliaccio’s Post
More Relevant Posts
-
Happy Monday! Check out my new blog post on how to quickly and effortlessly configure Windows event log ingestion into Microsoft Sentinel from Azure VMs. More posts to follow in this area! https://lnkd.in/eDQ7C4Ax #CyberSecurity #MicrosoftSentinel
-
Happy Monday! And to celebrate, here is my next blog post that focuses on troubleshooting Windows event logs ingested into Microsoft Sentinel via Azure Arc. Issues like these always tend to happen, and knowing which steps to take is key to ensuring your data connectors remain healthy! https://lnkd.in/eZFz_gGM #MicrosoftSentinel #AzureArc #CyberSecurity
-
The SUSE Rancher Security team has recently issued a high-severity advisory, CVE-2022-45157, warning users of a critical vulnerability affecting Rancher’s handling of vSphere’s Cloud Provider Interface (CPI) and Container Storage Interface (CSI) credentials. This flaw, which carries a CVSS score of 9.1, could enable unauthorized access to sensitive credentials in certain Rancher configurations.
-
Follow-up on Ignite with Ask Microsoft Anything: Microsoft Security edition #microsoft #security #azure
-
🚀 Excited to share my second article on building your own home SIEM lab! In this article, I used the Elastic Cloud to deploy the SIEM, offering a much more straightforward process. I then connected two hosts, conducted attacks on them and analyzed the resulting logs. Hope you find this helpful! 📖 Full article here: https://lnkd.in/dyF4cM6R #Cybersecurity #SIEM #ElasticStack #HomeLab #BlueTeam 🧢
-
📝 New blog: Encrypting a Windows VM with Azure CLI and PowerShell
Quick look at using Azure CLI and PowerShell to encrypt a Windows VM with the help of Azure Key Vault:
- Disk Encryption Basics: Learn about Azure’s default OS disk encryption and the need for additional encryption for temp disks and storage clusters.
- Creating Resources: Instructions on creating a virtual machine and a Key Vault using Azure CLI.
- Applying Encryption: How to apply encryption to your VM using the created Key Vault and check the encryption status.
- PowerShell Approach: A parallel walkthrough using PowerShell to achieve the same encryption tasks.
https://lnkd.in/g2mpg5K7 #Azure #Cybersecurity #CloudComputing #DataEncryption #Microsoft #KeyVault #PowerShell #AzureCLI
-
Top tips on how to prepare for #Microsoft #NTLM discontinuation for your #DataCenter. https://bit.ly/49ZcK2G
-
🔒 Ever wondered how SSH keys work 🔒 and why they’re considered far superior to traditional password authentication? Let’s break it down:

🔑 What Are SSH Keys?
SSH keys are cryptographic pairs used to establish secure connections between your device (client) and a remote server. They consist of:
Private Key: Stays on your device (confidential, never shared).
Public Key: Shared with the server (safe to distribute).
Unlike passwords, SSH keys eliminate vulnerabilities like weak or reused passwords.

⚙️ How Do SSH Keys Work?
Here’s a step-by-step process that makes SSH key authentication seamless:
1️⃣ Key Pair Generation: Using tools like ssh-keygen, you generate a private and public key pair.
2️⃣ Public Key Placement: The public key is uploaded to the server and stored in the ~/.ssh/authorized_keys file.
3️⃣ Initiating the Connection: The client sends the public key to the server when you attempt to connect.
4️⃣ Server Challenge: The server generates a random string (challenge) and encrypts it with the public key.
5️⃣ Decryption & Verification: Your device (client) uses the private key to decrypt the challenge and sends it back. If the decrypted result matches, access is granted.
The magic? Your private key never leaves your device, and no passwords are transmitted over the network! 🚀

🛡️ Why Are SSH Keys Secure?
Encryption Strength: Public keys encrypt; only the private key can decrypt.
Passwordless Authentication: No passwords are sent, minimizing the risk of interception.
Unique Pairing: Each key pair is unique, providing an additional layer of security.

📋 Best Practices for SSH Keys
✔️ Always protect your private key. Encrypt it with a passphrase for added security.
✔️ Use separate key pairs for different servers.
✔️ Regularly rotate your keys to minimize potential risks.

🌟 Real-World Applications
A classic example is managing EC2 instances on AWS. When you launch an instance, AWS generates a .pem file (your private key). The public key is pre-configured on the server, allowing you to securely connect without relying on passwords.

SSH keys are not just about security—they’re about efficiency and peace of mind. Once you set them up, connecting to your servers becomes as smooth as a single command.
-
If you host your application in a private cloud, this is the best article from a security point of view you can come across. #softwareengineering #security #privacy
-
Tips on the importance of discontinuing #Microsoft #NTLM in your #DataCenter. https://bit.ly/4codpKl