BF-SIRT Newsletter 2017-30

The top stories from this week is that Adobe Announces End of Flash for 2020 and Microsoft announces Windows Bounty Program.

You can also read about JA3, TLS Client fingerprinting for malware detection or how Symantecs sloppy key verification leads to revocation of certificates.

Top 5 Security links
Adobe Announces End of Flash for 2020
Microsoft announces Windows Bounty Program
JA3 Hash To Fingerprint SSL/TLS Connections
Symantec Sloppy Key Verification Leads To Revocation of Certificates
Finding Domain frontable Azure domains

BF-SIRT Newsletter 2017-29

The top stories from this week is the Remote Code Execution In Source Games, and how Free Certs Come With a Cost.

You can also read about how WSJ Parent Company Dow Jones Exposed Customer Data due to improperly configured Amazon S3 and take a deep dive into AWS S3 access controls.

Top 5 Security links
Remote Code Execution In Source Games
Free Certs Come With a Cost
WSJ Parent Company Dow Jones Exposed Customer Data
A deep dive into AWS S3 access controls
Memcached – A Story of Failed Patching & Vulnerable Servers

BF-SIRT Newsletter 2017-28

The top stories from this week is a Kerberos SNAME security feature bypass vulnerability (sound autoplays), and new LDAP & RDP relay vulnerabilities in NTLM.

You can also read about how Magecart attackers monetize stolen payment card info, or how attackers are increasingly living off the land.

Top 5 Security links:
Kerberos SNAME Security Feature Bypass Vulnerability (sound autoplays)
New LDAP & RDP Relay Vulnerabilities in NTLM
How Magecart Attackers Monetize Stolen Payment Card Info
Attackers are Increasingly Living Off the Land
Google patches pwnable ‘droids for Wi-Fi vuln

What is the Azure Stack?

– Azure Stack is Azure public cloud services delivered from our own local datacenter. It is made up of dedicated hardware delivered by Microsoft certified partners such as HP/Dell/Lenovo based on Microsoft specifications.

What is the Azure Stack?
– Azure Stack is Azure public cloud services delivered from our own local datacenter. It is made up of dedicated hardware delivered by Microsoft certified partners such as HP/Dell/Lenovo based on Microsoft specifications. The solution is available through the Azure Stack portal, APIs, Resource Manager templates. These are all consistent with the Azure in the public cloud, so the experience for the IT Pro and developer are the same.

Are all Azure services available?
– No, just as in the public cloud version of Azure. The services offered in the region may differ. In the Azure Stack, a subset of the services will be available. To begin with, the focus will be on core services compute, storage and networking (IaaS) and certain PaaS services (App Service, Service Fabric). This will be expanded during the next releases. Some services will never be appropriate to establish in a local version of Azure, ex: HPC solutions where one scales up to 1000 computers for a few hours.

When will it be launched?
-Today the Technical Preview v3 (TP3) is available. GA (General Availability) from Microsoft is scheduled to be in middle of the summer, and for a period after the launch there will be tests and integration tests with hardware vendors before the solution is installed in Basefarm’s data center.

When will it be available As A Service from Basefarm?
– Basefarm plans to offer Azure Stack during the late summer/fall. This depends on Microsoft and hardware partners.

How should the Basefarm offer Azure Stack?
– Basefarm will initially offer Azure Stack as a Service just as Azure in the public cloud. This means several customers can use the solution as they would like. There will also be a Pay As You GO model. It will also be possible to offer Azure Stack as a dedicated solution for the customers has special requirements and needs.

What are the key scenarios for Azure Stack?
– Azure Stack is relevant for customers with needs for solutions and data to be local. There may be various reasons for this. Here some examples:

  • Modernization of legacy applications. You have an existing application that consists of layers that you would like to modernize, e.g. the Web frontend. Taking advantage of the flexibility that public cloud offers is tempting, but you cannot move it all to the Azure because of a larger database, software that is not supported in Azure or software that cannot run in Azure due to dependencies to other components.
  • Latency, the distance to the Azure regions (e.g. The Netherlands and Dublin) is too large and it is creating a delay in the network.
  • Regulatory requirements, e.g. requirements for inspection of the data center.
  • Data sovereignty, data needs to stay in the country

How will the Azure Stack connect with public Azure (technical and billing/subscription)?
– Billing/subscription: The customer can buy consumption in the Azure Stack through Basefarm’s Cloud Solution Provider Agreement with Microsoft. The same ‘pay as you go’ model and the flexibility as in the public cloud.
– Technical: Basically, customers can build solutions that run across the Azure public and Azure Stack. Furthermore, it is also planned for the combinations of these with Basefarm’s own cloud solutions/private clouds.

Do I need an Azure subscription to use Azure Stack?
– Yes. One uses a subscription just as in Azure public cloud. It’s consistent.

Will Basefarm offer operation services for infrastructure based on Azure Stack?
-Yes. We will offer operations like we do on Azure. The managed services will be flexible to the customer depending on whether their focus is DevOps with customer’s process and control, or a more ITIL based process offered by Basefarm.

Replaces the Azure Stack a typical “private cloud”?
– Eventually. Initially it is a limited version of public Azure.

Can I start to test and possibly create a reference architecture for the Azure Stack today?
– Yes. You can set up a test version (TP3), but the easiest way is to use public Azure and set Resource Policies on a subscription or a resource group. You can read more about that on the Microsoft blog.

Where can I find more information about Azure Stack?
– Azure Stack Shotcuts is a good place to start. Jeffrey Snover (Microsoft), Chief Architect Azure Stack, held on 7. May an overall presentation during DEVIntersection that gives a good updated introduction to Azure Stack.

Who can I contact for more information in Basefarm around Azure Stack?
– Please contact Geir Morten Allum, Senior Cloud Architect – Product Development, geir.morten.allum@basefarm.com

BF-SIRT Newsletter 2017-27

The top stories from this week is that Ukraine Police Seize Servers, Blame Software Firm for ‘Petya’ and that Systemd Bug Lets Attackers Hack Linux Boxes via Malicious DNS Packets.

You can also read about a Dark Web Site Creates Robocalls to Steal People’s Credit Card PINs, or Breached Bitcoin Bithumb bosses blame bod’s BYOD.

Top 5 Security Links
Ukraine Police Seize Servers, Blame Software Firm for ‘Petya’
Systemd Bug Lets Attackers Hack Linux Boxes via Malicious DNS Packets
This Dark Web Site Creates Robocalls to Steal People’s Credit Card PINs
Breached Bitcoin Bithumb bosses blame bod’s BYOD
How to defend your website with ZIP bombs