Microsoft has released an advisory on a critical remote code execution and local privilege escalation vulnerability for Windows systems. The PrintNightmare vulnerability can allow attackers to gain full user rights and run malicious code, it is strongly recommended to update your systems.
Azure Security Basics
Security is not a one-size-fits all solution, it requires a customized, multi-layered approach with continuous monitoring.
The core principles of cybersecurity are Confidentiality, Integrity, and Availability.
- Confidentiality: the data is protected from unauthorized users
- Integrity: the data remains accurate and complete
- Availability: the data can be accessed by its intended users
Achieving these security best practices depend upon the assets and services being protected, the constraints, level of compliance, and risk tolerances of the company. As such, IT security policies can vary greatly from one environment to the next.
Securing Azure resources can be broken down into these major disciplines:
- Identity access management (IAM)
- Data security
- System security
- Network security
In this article we will introduce a checklist for Azure cloud security best practices.
Software vulnerabilities are found every day.
In order to ensure the security of your systems, it’s important to stay up to date on cybersecurity news. This can be difficult when 0-day vulnerabilities often go unreported by official sources until it’s far too late.
To be ahead of the curve, you have to read security research published across the internet on various blogs, forums, articles, and newsletters by the researchers themselves. One way to aggregate these security reports is through Reddit. Here is an expansive list of 69 subreddits that you can follow to keep up to date on cybersecurity news.