Discover and read the best of Twitter Threads about #Azure

Most recents (24)

How can a reviewer get a quick overview of a pull request?
One possibility is to provide the pull request directly in a test environment.
For our open source project #bestofui5 on GitHub we provide the pull requests ad hoc directly as an #Azure Static Web App.
How? 👇
In general, we use the possibilities of GitHub Actions, Azure Static Web Apps and Azure CLI here. Especially because these can be used free of charge.
The app is an #OpenUI5 app.
github.com/ui5-community/…
The data comes from another GitHub repository.
github.com/ui5-community/…
It does not make sense to provide this for all PRs.
So that the user can easily trigger the deployment, we have created a label for this.
When the label is added to a PR, an Azure Static Web App is created, a build is performed and this build is deployed.
github.com/ui5-community/…
Read 8 tweets
Another month has passed so we’re back with the most watched #Angular #meetups from June.

Dive right into internationalization, inject services, smart apps, libraries, providers and much more. Extend your knowledge with the highest-rated #techtalks.

blog.meetupfeed.io/angular-tech-t…
Introduction to Internationalization in Angular via @marktechson

Mark Thompson covers in 15 minutes how to internationalize and localize an #application in #Angular to do exactly what you wish for!

meetupfeed.io/talk/introduct…
New Way to Inject Services in #Angular 14 via @DecodedFrontend
Let’s have a look at some base use cases.

meetupfeed.io/talk/new-way-t…
Read 8 tweets
I was able to access thousands of companies’ passwords on #Azure and run code on their VMs.
This includes access to Microsoft’s own credentials… 💣

Here’s HOW I did it.
This is the story of #SynLapse. (1/11)
Looking at the Microsoft Azure bounty program, I noticed that “cross-tenant data leakage” in @azuresynapse is regarded as a high-impact scenario ❗️

The service queries data imported from customer sources (MySQL, CosmosDB, Amazon S3...)

How do you define a data source? (2/11)
1. Create a new “Linked Service”.
2. Select a platform, e.g. MySQL.
3. Choose an “integration runtime” (the machine that imports the data), either your own or the shared default one called “AutoResolveIntegrationRuntime”.

And then… you just type in your credentials 🔑 (3/11)
Read 11 tweets
Where do #Azure attack paths come from? Attack paths that abuse (mis)configurations generally emerge from two types of control in Azure: explicit control and implicit control.

Let's see what that means and how you as a defender can eliminate the most dangerous paths:🧵
Explicit control means there is a one-to-one control relationship clearly defined on the controlled object. For example, Azure Users can be made explicit owners of Azure Service Principals:
David owns MyCoolAzureApp, meaning David can add a new credential to that Service Principal and authenticate as it, taking over the identity.

But this explicit configuration does not exist in isolation: there are paths INTO the user OUT of the SP:
Read 11 tweets
💡Are you ready to start building microservices and containerized apps?

🎉Azure Container Apps is ready for production, and here's all the info you need to get started... 🧵

#MSBuild #containers #azure cc:@AzContainerApp
Starting from scratch, you can use:

🖥️A sample image bit.ly/ca-qs1
💻 Your own image bit.ly/ca-qs2
‍💻 Code on your machine bit.ly/ca-qs3

Plus use private or public registries & use the Azure portal, CLI, or an editor!

#MSBuild #containers #azure
🗣️Learn to enable communication between microservices

👉 bit.ly/ca-tut1

#MSBuild #containers #azure
Read 20 tweets
I was able to access #Azure user credentials and run code on other customers’ machines.
The vulnerability is called #SynLapse.

It was a vulnerability in Azure Synapse Analytics (@Azure_Synapse) & Azure Data Factory, exploiting a major flaw in the tenant separation.

(1/3)
Through access to an internal API server I was able to:
- Obtain access to other customers’ Synapse workspaces
- Perform API operations like adding/deleting resources
- Run code on their service machines
- Most importantly: leak all credentials they stored in the service.

(2/3)
This blog is an advisory surrounding this issue, where the root attack vector was patched and assigned CVE-2022-29972.

>>> Technical details soon.
>>> Microsoft’s blog is in the comments.

(3/3)

orca.security/resources/blog…
Read 4 tweets
☁ You will likely encounter pushback when moving to the cloud. Moving to something new may seem risky and unnecessary to the developers. This requires a cultural shift.

💎 Here are some tips on how to tackle this problem.

#cloud #googlecloud #azure #aws
1. Sync with cross-functional teams early and often. Train them so they understand the benefits of the cloud and are comfortable and knowledgeable using it.
2. Help teams understand the benefits, the project's processes, the desired goals and outcomes.
Read 6 tweets
1/ #Azure #Hardening Tip #5: Legacy authentication to bypass MFA in Azure AD

"One of the most common methods used by attackers to gain access to Azure tenants is credential theft or password spraying with legacy authentication protocols. Legacy authentication protocols
2/ do not support MFA and (if enabled) can be used to gain access to hosted data and resources via Azure AD."

☝️Quote from the M-Trends 2022 Report.

A few weeks ago, I created a presentation titled "Attack target Azure", where these two points are also outlined as the most
3/ common methods (used by attackers) into Azure Tenants.

To better secure Azure Tenants, I recommend creating an evaluation of the applications that still use legacy authentication protocols. The use of these protocols should be prevented with Conditional Access Policies (CAP).
Read 6 tweets
What is CI/CD?

Continuous integration (CI) and continuous delivery (CD) are two approaches to software development that are designed to improve code quality and enable rapid delivery and deployment of code.

#DevOps #CICD #Cloud #Agile #Testing #Cloud #Linux #Security #ITjobs
A modern CI/CD pipeline in DevOps has build, test, and deploy stages - and aims to automate as many of the processes within these stages as possible.

1. Source Code: Changes to source code can trigger CI/CD tools to initiate the pipeline, or the CI/CD pipeline may be triggered
by automated scheduled work sessions or user-initiated workflows.
2. Build: The new code changes to applications are created and compiled to be prepared for the testing phase.

3. Testing: Testing automation via CI can save developers tremendous time and effort.

#Testing
Read 8 tweets
According to Russia 🇷🇺 "The unexpected reveal of "innocent patients" with assault rifles showcased how the Ukrainian military uses ambulances." 🚨

Their proof? A video of 21 sec.

What do we see? Investigate! 👇 1/...

#OSINT 🔎
#Verification 🎥
#GeoLocation 🌍
#HowToOSINT 🧐
The investigation on this tweet from the Ministry of Foreign Affairs of Russia is a team effort together with @Techjournalisto, @ArchitMeta and @akhmxt.

(Follow them if you like these kinds of #OSINT-investigations.)

The short video is viewed more than 110K times. 2/...
Armed men emerge from a van bearing the logo of the Red Cross.

The International Red Cross (ICRC) has a neutral status, also in the war in #Ukraine.

Do we see a recent war crime by the Ukrainian army in this clip? 3/...
Read 35 tweets
Application Security is one of the top skills that every tech firm is aggressively looking for 🚀

If you are a person who wants to make a great career in AppSec, this thread is for you 👇

🧵

#applicationsecurity #infosec #cloudsec #azure #aws
Five ways you could teach yourself Application Security

1 / 5
Five ways you could teach yourself Application Security

2 / 5
Read 8 tweets
I found a vulnerability in #Azure allowing me to access Azure accounts of companies worth billions

We all know vulnerabilities exist. This isn't an injection, XSS, or RCE.

But the crazy thing about it?
It took 2 hours to discover. 🤯

Here's the story of #AutoWarp👇 (1/10)
Scrolling through the endless list of Azure services, I’m looking for a new target

So I click “Automation Accounts” not really knowing what it even means. I quickly realized that this is basically a service for running Python & PowerShell scripts. 🧐 (2/10)
I uploaded a reverse shell script and started typing every Windows command I could remember

The real fun started when I found this suspicious log on the machine:
"Creating asset retrieval web service. [assetRetrievalEndpoint=http://127.0.0.1:40008]" (3/10)
Read 10 tweets
Here are all #Azure #Subscription types explained - some of which you may not have heard of

🧵👇
➡ Free
For new accounts, $200 credits on registration, valid for the first 30 days and include free services. No cryptomining, no quota increase, limited support. After 30 days or after spending the credit, users need to upgrade the subscription.
The upgrade will allow you to continue using services for free for another 11 months (for example, 750h of Free B1s VM, 5GB LRS storage, 250GB SQL DB, ...) and a bunch of always free services. Other services will be billed to your cc.
Read 15 tweets
Wanna Learn Azure in 30 Days? 🚀
Here's Day 5 of 30 and we will be learning today💯:

🪣 Azure Storage Services
🕸️Azure Virtual Networks

Let's go!
#azure #learningazure #cybersecurity #AzStorage
(1/n)
🪣 Azure Storage Services : Azure provides scalable data objects for different sorts of services like Disk Storage for VMs, File Systems, Messaging Storages and NoSQL.

➼ AZ Storage Objects are managed by Storage A/c

➼ Azure Storage Account contains all data objects

(2/n)
➼ Storage Account comes with different performance types, these include:
➼ Standard : Comes with General Purpose V2
➼ Premium : Comes with -
(a) Block Blobs : High Transfer Rate & Low Latency
(b) File Shares : High Performance & Scalable
(3/n)
Read 10 tweets
Wanna Learn Azure in 30 Days? 🚀
Here's Day 4 of 30 and we will be learning today💯:

👨‍💼Azure Resource Manager (ARM)
🖥️Core Compute Services

(1/n)
#azure #cybersec #az #cloud #LearnAzure #learningazure
🧑‍💼Azure Resource Manager (ARM) : It provides a management layer for all resources in Azure.

➼ All platforms from which we can manage cloud resources, such as Portal, Az Module, AZ CLI, REST API or SDKs, communicate with ARM to perform actions in the environment

(2/n)
➼ When a request from any platform is sent to ARM, it performs authentication and then forwards the request to resource providers for actions.

➼ ARM also includes templates (known as ARM Templates) for deploying resources repeatably and consistently.

(3/n)
Read 9 tweets
There are two very interesting new cmdlets in this release:

Invoke-AzureVMUserDataCommand and Invoke-AzureVMUserDataAgent.

In this thread I'll offer my thoughts on how these can be used for extremely hard-to-detect #Azure c2:
This c2 technique is based on Azure IMDS: docs.microsoft.com/en-us/azure/vi….

This service is accessible to every VM in Azure. As far as I know, there's no reason to ever disable this service for a VM, so it should always be accessible to every Azure VM.
IMDS's REST API is available to each VM at the non-routable, local IP of 169.254.169.254.

In April of this year, Microsoft introduced an IMDS feature called "User Data": azure.microsoft.com/en-us/updates/…
Read 9 tweets
Looking for the best #Career related videos in November? Look no further, we have already selected them for you!🥳

blog.meetupfeed.io/it-career-meet…

#programming #tech
🔥First up: Dive into matters with @HelenJoScott , who tells you all the things you need to know besides how to write code well. Find out how you can be an extraordinary #developer wanted by many headhunters.

meetupfeed.io/talk/tech-talk…

@WomenWhoCode
Jump into #accessibility and let @RobPreciousA11Y elaborate on the triggers that start accessibility work at a company. @Techyrey continues by making it easier for you to stand out.🔝
meetupfeed.io/talk/an-introd…

@manc_web
Read 7 tweets
Thread:

API permissions in #Azure can be configured such that attack paths leading to Global Admin emerge. Prior work and links to our work below:
Blog: Azure Privilege Escalation via Azure API Permissions Abuse posts.specterops.io/azure-privileg…
Read 7 tweets
Watching @NetAppINSIGHT keynote? Me too. Here are my quick thoughts. A 🧵

#NetAppINSIGHT /1
IMO, #NetApp was the traditional on-premises #Storage vendor that moved faster to the #Cloud. They created the #DataFabric vision a few years ago and are delivering value today.

#NetAppINSIGHT /2
With ONTAP services available on #AWS, #Azure and #GoogleCloud, I can compare what #NetApp is doing with #Storage to what #VMware is doing with virtual machines: providing existing customers an easier path to #Cloud migration.

#NetAppINSIGHT /3
Read 10 tweets
100+ Free Cloud Computing Courses for Beginners
learn AWS, GCP, Azure
All more than 4 ⭐️⭐️⭐️⭐️

A thread 🧵

#Cloudcomputing #AWS #GCP #Azure
6 Best Free Online Courses to Learn Microsoft Azure Cloud Platform and Services in 2021 - Best of Lot
java67.com/2020/07/5-free…
5 Free Online Courses for AWS Solution Architect Professional Exam in 2021
java67.com/2020/10/5-free…
Read 14 tweets
/1 Thought of doing a thread on Akash $AKT, explaining why it could be a game-changer in the decentralised cloud computing space. @akashnet_ has leveraged blockchain to build a decentralised cloud hosting solution that seeks to disrupt the cloud computing industry. #AWS #Azure
/2 Akash is the first distributed peer-to-peer open cloud computing marketplace. Akash is a serverless computing platform. Think #Uber, think #AirBnb. Akash cuts out the middleman in a similar vein.
/3 Hence, Akash is positioned to disrupt giants in the industry such as #AWS, #Azure and #Google, much the same way Airbnb disrupted the lodging and vacation rental industry.
Read 14 tweets
Top 10 resources to use while preparing for AWS Certification Exams: #AWS #cloud

🧵 A Complete Thread 🧵
👇 Make sure to retweet this 🤗
1. Explore Amazon Web Services (AWS) Website:
Link: amzn.to/3xxj4u6

Explore any topic in depth using AWS White Papers:
Link: amzn.to/3qZ95LH

#Azure #cloudcomputing
2. The best way to learn anything is by getting your hands dirty.
Start your AWS journey by creating an AWS account.

Link: amzn.to/2UFsW6h
Read 13 tweets
List of all the EVENTS for this month (July 21) for FREE Microsoft Azure Certifications by Microsoft:
#CloudComputing

🧵A Complete Thread 🧵
👇 Make sure to retweet and bookmark this 😇
After getting 200+ DM requests and exploring MS official event website, here are all the events with registration links down below. ☁️☁️
#Azure #cloud #Azure #GCP

Certifications Covered:
Microsoft's 💻
1. Azure Fundamentals
2. Azure Data Fundamentals
3. Azure AI Fundamentals
A) Microsoft Azure Fundamentals certification exam

Event 1: 19 July & 20 July 2021

mktoevents.com/Microsoft+Even…

Event 2: 20 July and 21 July

mktoevents.com/Microsoft+Even…
Read 9 tweets
How to earn free Microsoft Azure Cloud Certification??
Without Spending A Single Penny 💰☁️
#CloudComputing

🧵A Complete thread 🧵
🔆👇 Make sure to retweet this 🤗
Microsoft is offering free training and certifications for basic level certs. So go and grab this opportunity...!

Certifications Covered:
1. Azure fundamentals AZ 900
2. Data Engineer DP 203
3. AI Fundamental AI 900

#aws #oracle #alibaba #Azure
Step 1:
Visit MS Official Events Page-
events.microsoft.com/?timeperiod=ne…

Step 2:
Select filter 'Cloud Platform'. Choose your preferred language and search for events

Step 3:
Select Any event and Register for it. Make sure to check for free Certification voucher.
Read 9 tweets
