gbhackers.com
172.67.165.236
Public Scan
URL:
https://gbhackers.com/azure-logs-to-identify-threats/
Submission: On May 05 via manual from SG — Scanned from SG
Form analysis
4 forms found in the DOM
POST #
<form class="td-login-form-wrap" action="#" method="post">
<div class="td-login-panel-title"><span>Welcome!</span>Log into your account</div>
<div class="td_display_err"></div>
<div class="td-login-inputs"><input class="td-login-input" autocomplete="username" type="text" name="login_email" id="login_email-mob" value="" required=""><label for="login_email-mob">your username</label></div>
<div class="td-login-inputs"><input class="td-login-input" autocomplete="current-password" type="password" name="login_pass" id="login_pass-mob" value="" required=""><label for="login_pass-mob">your password</label></div>
<input type="button" name="login_button" id="login_button-mob" class="td-login-button" value="LOG IN">
<div class="td-login-info-text">
<a href="#" id="forgot-pass-link-mob">Forgot your password?</a>
</div>
<div class="td-login-register-link"></div>
</form>
GET https://gbhackers.com/
<form method="get" class="td-search-form" action="https://gbhackers.com/">
<div class="td-search-close">
<span><i class="td-icon-close-mobile"></i></span>
</div>
<div role="search" class="td-search-input">
<span>Search</span>
<input id="td-header-search-mob" type="text" value="" name="s" autocomplete="off">
</div>
</form>
GET https://gbhackers.com/
<form method="get" class="tdb-search-form" action="https://gbhackers.com/">
<div class="tdb-search-form-inner"><input class="tdb-head-search-form-input" placeholder=" " type="text" value="" name="s" autocomplete="off"><button class="wpb_button wpb_btn-inverse btn tdb-head-search-form-btn"
type="submit"><span>Search</span></button></div>
</form>
Name: mc-embedded-subscribe-form — POST https://gbhackers.us14.list-manage.com/subscribe/post?u=6c205143b8eda9ef337293b61&id=03468a2199&f_id=00d6c2e1f0
<form class="tdn-form" action="https://gbhackers.us14.list-manage.com/subscribe/post?u=6c205143b8eda9ef337293b61&id=03468a2199&f_id=00d6c2e1f0" method="post" name="mc-embedded-subscribe-form" target="_blank">
<div class="tdn-email-bar">
<div class="tdn-input-wrap"><input type="email" aria-label="email" name="EMAIL" placeholder="Your email address" required=""></div>
<div class="tdn-btn-wrap"><button class="tdn-submit-btn" type="submit" name="subscribe">Subscribe</button></div>
</div>
</form>
Text Content
HOW TO UTILIZE AZURE LOGS TO IDENTIFY THREATS: INSIGHTS FROM MICROSOFT

May 1, 2024
By Guru baran

Microsoft’s Azure platform is a highly acclaimed and widely recognized solution that organizations worldwide are leveraging. It is regarded as a game-changer in the industry and has emerged as a dependable and efficient platform that helps businesses achieve their goals effectively.

With its robust logging and monitoring tools, Azure offers a comprehensive suite of capabilities designed to detect anomalies, respond to security incidents, and safeguard sensitive data and assets in the cloud.

A recent exploration into the strategies, methodologies, and log analysis techniques by Microsoft’s security experts sheds light on how to effectively utilize Azure Logs to identify and counteract threat actor actions.

At the heart of Azure’s defense mechanism is efficiently comprehending and utilizing logs for threat hunting. This process is critical in identifying the initial breach and understanding the subsequent actions executed by threat actors.

Microsoft emphasizes integrating best practices for log management, analysis, and incident response to stay ahead of evolving cyber threats.

Microsoft describes a hypothetical attack scenario involving a “Pass the Cookie” assault, where an adversary steals a user’s session cookie to gain unauthorized access to their account.

Attack Scenario (Source: Microsoft)

This example underscores the necessity of vigilant monitoring and analysis of Azure logs to detect such sophisticated attacks.

LOG ANALYSIS TECHNIQUES

To combat the complexities of cyber threats, Microsoft advocates for using Azure Log Analytics. This tool plays a pivotal role in investigating security incidents within Azure subscriptions.

Investigation Flow (Source: Microsoft)

By directing both Microsoft Entra ID Audit logs and Azure Activity logs to Log Analytics, organizations can consolidate these logs in the CloudAppEvents table. At the same time, Log Analytics organizes this data into the AuditLogs and AzureActivity tables, respectively.

Microsoft provides examples of Log Analytics queries, such as hunting for Azure Role assignments to newly added guest user accounts, demonstrating the practical application of log analysis in identifying potential security threats and vulnerabilities.

Understanding the scope and complexity of threat actor actions is crucial in fortifying defenses against cyberattacks. The detailed analysis of logs enables organizations to trace attackers’ steps, from the initial breach to their movements within the Azure environment.

This insight is invaluable in developing strategies to prevent future attacks and enhance the security posture of cloud subscriptions.

SCOPE AND COMPLEXITY

The investigation of cloud environments in Azure subscriptions reveals the multi-faceted nature of maintaining a secure and resilient cloud environment.

Microsoft’s guidance on utilizing logs effectively, and ideally centralizing them, empowers organizations to enhance their threat hunting capabilities. This proactive approach is essential in identifying potential security threats before they can cause significant damage.

The utilization of Azure Logs for identifying threats is a testament to Microsoft’s commitment to providing advanced tools and methodologies for cybersecurity.

By leveraging these insights and techniques, organizations can significantly improve their ability to detect and respond to cyber threats, ensuring the security and resilience of their cloud environments.

Guru baran (https://gbhackers.com): Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.