This tech blog provides pragmatic insights on how to check email security risks in Microsoft Office 365 and learn how to Improve mail security quickly by deploying SPF, DKIM, and DMARC mechanisms in the Microsoft Office 365 environment.

When conducting cloud assessments, we often see Privileged Identity Management (PIM) in Azure Active Directory being misconfigured. PIM offers an additional layer of security but these misconfigurations could be abused by an attacker to still promote themselves to privileged roles, effectively bypassing this feature.

In this blog, Jeffrey Bencteux took a deeper dive into how PIM could be used by an attacker, and how to mitigate the associated risks.

We found and patched two bugs in cifs-utils, the userland tools interacting with the CIFS (SMB) Linux implementation. Both the bugs are in mount.cifs, the binary used to mount network shares from userland. One is a buffer overflow in the option parser, the other is a partial arbitrary file read due to overly verbose error messages.

During a customer engagement we identified multiple vulnerabilities in SonicWall’s Mobile Access web interface (SMA) allowing unauthenticated user enumeration and unauthenticated read/delete access to several endpoints of the management API.

Sysctl parameters are often overlooked when doing Linux hardening; learn how kernel parameters are materialized in userland, how to check what the security parameters are with sysctl to harden your hosts and how to automatize the check of a baseline against running Linux hosts.