Microsoft Azure utilizes blobs to house large amounts of unstructured data. An Azure blob can be configured to be accessed from specific IP addresses only. This is the common configuration and a known best practice
Adversaries are hijacking corporate email systems such as Office 365 by abusing email transport rules. Learn how these sophisticated attacks work, plus how to detect them in Splunk, Microsoft Sentinel, IBM QRadar & Sumo Logic.
Summary This blog post summarizes Follina, an RCE zero-day discovered in Microsoft Office. It provides recommended detections in the native query languages for Splunk, Microsoft Sentinel, IBM QRadar, and Sumo Logic, along with associated MITRE
“Organizations need to become more intentional about detection in their SOCs. What should we detect? Do we have use cases for those scenarios? Do they actually work? Do they help my SOC analysts effectively triage
Spring into action (with SIEM detection rules for Spring4shell) The Spring Framework is an open source application framework that provides infrastructure support for developing Java applications. The framework can be used by any Java application
Image credit: World of Dictionary A new player has entered the game The ”Lapsus$” group, unknown before December 2021, has made multiple headlines in recent weeks, following multiple data breaches in big companies such as