Serge Borso

210 posts

@SergeBorso

Founder of SpyderSec, SANS Course Author & Certified Instructor, President of Denver OWASP chapter

Denver, CO · Joined October 2013
2 Following · 298 Followers
Serge Borso retweeted
Rob T. Lee @robtlee
We finally have more info about how exactly Microsoft was hacked by Chinese threat actors. It’s a doozy, so strap in.

Back in June, hacking group Storm-0558 accessed the cloud-based Outlook email systems for 25 organizations, including at least two US government agencies. We finally know how they managed to pull it off.

The hackers got their hands on a Microsoft account consumer signing key, all the way back in 2021. This cryptographic key is used to generate authentication ‘tokens’ that prove a user’s identity before they’re allowed to access data and services. This is usually stored in a highly isolated and restricted ‘production environment.’

However, during an April 2021 consumer signing system crash, the signing key made its way out of this secure environment and into a crash dump, which should not happen under normal circumstances. A race condition allowed the key to be present in the crash dump, which Microsoft did not know at the time, and this mass of data was subsequently moved from the isolated production network into the company’s debugging environment on the internet-connected corporate network.

At some point after this, Storm-0558 successfully compromised a Microsoft engineer’s corporate account, which had access to the debugging environment containing the crash dump, and subsequently the signing key.

@Microsoft’s explanation covers this whole controversy, and the company has since patched the accumulation of errors and issues that led to this, but the one missing link is how the threat actors got their hands on this engineer’s account.

As my good friend Jacob Williams put it in the article below, “All the best hacks are deaths by 1,000 paper cuts, not something where you exploit a single vulnerability and then get all the goods.” Indeed, the best threat actors are cunning, patient and perseverant - so much so that they can infiltrate global corporations.

Here’s the news story: wired.com/story/china-ba…
Microsoft’s post-mortem report on the attack: msrc.microsoft.com/blog/2023/09/r…
Serge Borso retweeted
SANS Cloud Security @SANSCloudSec
Join us for SANS Cloud Defender Dallas on Feb. 20 - 25 in Dallas, TX to experience hands-on training from top industry experts. Now is the time to become a #SANSCloudAce! 🤔 Do you know the benefits of attending in-person? sans.org/u/1oqt #SANSCloudDevOps
Serge Borso @SergeBorso
@ManieshNeupane Interesting list. Definitely some good tidbits. Curious if anyone has ever done #15 or has even heard of some doing #15 in a real world scenario. I would be surprised.
Serge Borso retweeted
SANS Cloud Security @SANSCloudSec
Ready, set & deploy! ☁️ 🖥️ On Thursday, 13 Oct, learn how to deploy & configure a #VirtualMachine in the #Cloud with @SergeBorso, SANS Certified Instructor at our FREE 2-hour, hands-on workshop. Limited space 🔥 - only 500 spots available. Register: sans.org/u/1mP7
Serge Borso retweeted
SANS Cloud Security @SANSCloudSec
Want to learn how experts solve for the #Security concerns surrounding virtual machines in a cloud ☁️ environment? Now's your chance. Join us Live Online, Oct 13 for a FREE 2-hour workshop led by @SergeBorso, SANS Certified Instructor. Register: sans.org/u/1mP2
Serge Borso retweeted
SANS Cloud Security @SANSCloudSec
Decided to make a career change to take advantage of the job opportunities in cloud security? #SEC388 from @sergeborso is the perfect starting point for your journey into #cloudsecurity No time like the present! Reg now for inaugural run Aug 29-31! sans.org/u/1lmt
Serge Borso retweeted
SANS Cloud Security @SANSCloudSec
LAST CALL #SEC388 Inaugural run Aug 29-31 Ground School for Cloud Security @sergeborso provides the knowledge needed to confidently speak to modern #cybersecurity issues brought on by cloud, & become well versed with applicable terminology. Reg Now! sans.org/u/1lmt