Monthly Archives: April 2017

Microsoft Invitation makes my browser look hijacked?

Posted on 04/19/2017 by azsec

We all know when granting permission to an account, this account will receive an invitation email that link to the Microsoft Invitation page. Today when doing some stuffs of authorization, I realized that Microsoft would make something *perhaps not correct* … Continue reading

Posted in Security Operation | Leave a comment

Brute-force attack mitigation on Microsoft Azure

Posted on 04/18/2017 by azsec

Brute-force attack is simply to continuously attempt to discover your password by combining all possible passwords it can guess. That said, human can guess a password by trying to brainstorm all possibilities such as birthday, girlfriend name, a memorable location or … Continue reading

Posted in Identity & Access Control | Tagged , | 1 Comment

Enable Multi-factor authentication on the Azure Management Portal

Posted on 04/18/2017 by azsec

Multi-factor authentication means by its name, giving one more step of authentication to protect your account.  The authentication step can be a time-based one-time password sent from a cloud authentication provider such as Google Authenticator, Microsoft Authenticator. The authentication step … Continue reading

Posted in Identity & Access Control | Tagged | Leave a comment

What is securitydata resource group in Microsoft Azure?

Posted on 04/14/2017 by azsec

If you happen to see a strange securitydata resource group in your Azure subscription, you would be pretty much surprised what the heck it is. You would be angry on someone in your cloud team if the Azure subscription is shared … Continue reading

Posted in Azure Security Center | Leave a comment