Participating in the Microsoft CCP Blue Team CTF provided a deep dive into a sophisticated multi-stage attack involving credential theft, lateral movement, and cloud exfiltration. Below is a detailed breakdown of the investigation, from the initial phishing email to the...

Azure Attack Vectors: Identity, Infrastructure, and Persistence

Hackathon

Sure, that initial rejection email can sting but let me tell you about a recent Cloud Security Engineer interview that turned into a valuable learning experience.

Infrastructure as Code is one of those skills that looks intimidating at first but clicks quickly once you start using it. In this post, I walk through the core Terraform workflow init, fmt, validate, plan, apply, and destroy using Azure...