Year 2024. #LeapDay still causes issues to #Azure.
Noticed that #paloalto data sent to #Sentinel via #AMA during 29th was logged with TimeReceived as 1st of March. Issue doesn’t happen if you use old #MMA / #OMS agent.
I just can't with #Azure. I'm not allowed to upgrade the node pool from 1.26 to 1.27 because Kube version 1.27 is no longer supported. But the system is otherwise cool with me creating an even older node pool.
I know that Microsoft had a rather controversial reputation but in general they did a good job with #Azure.
But sometimes it can be so tedious. I was lazy and wanted to click deploy an Application Gateway for testing purposes, which failed 3 times because of some error that wasn't really explained.
In the end I wrote and deployed everything with #Terraform and it just worked.
Not to self: do it properly right from the start.
Hello 👋 We'll be sharing updates from the #PostgreSQL team 🐘 at Microsoft here, including our open source contributions to the Postgres database core—plus our work on the Azure Database for PostgreSQL managed service. And more!
✅ If you missed this 📝 blog post on what's new with Postgres at Microsoft by @clairegiordano, it's still quite current & gives a good overview
Part 3 of "A Guide to Implementing ActivityPub in a Static Site (or Any Website)" is just out the oven!
In this blog post, I explain how to make your blog discoverable in the Fediverse as an account, and also address some of the annoying pitfalls I encountered.
So, related to my #Azure struggles yesterday with Front Door (remains unresolved btw). One of the things I ran into was somewhere in the portal it telling me a health probe was failing. It couldn't be bothered to tell me what probe was failing or in what way, just offered a button that goes to basically nothing useful.
So I decided to simply disable all health probes but I couldn't because while the interface SAID it had disabled the probe, it was very much still active.
Real question, any of my followers actually knowledgable about #Azure Front Door and can tell me why a high number of requests results in 400 response codes periodically.
🛡️ Researchers uncover details of 3 vulnerabilities in #Azure HDInsight's Apache Hadoop, Kafka, and Spark services that could have allowed attackers root access and system disruption.
Jeezus, I'm completely lost w.r.t. the features of the #Azure portal now. I know I can add authentication for a Web App which yields a secret that my Web App can check for, but this still leaves said app reachable directly through the internets.
There's also the Application Gateway which provides a frontend that can reach into a virtual network, and I can simply restrict the Web App to only be available from said subnet.
Unfortunately, I cannot find any means to have the listener on this Application Gateway authenticate any requests. Also, unlike the Web App it doesn't just create an SSL certificate for me :/
I've made #MSRC’s 2023 Q4 Top #Security Researchers Leaderboard!
It was a pleasure working with @microsoft to improve the security posture of their #Azure ecosystem. Some coordinated disclosure advisories and writeups are coming, so stay tuned on the @hnsec blog.
The first two steps where very simple, adding the well-known and actor json, these are static and I can set the content-type in #azure#storage very easily.
Now, I need to choose something that can answer the POST requests for the inbox. After a brief check on the pricing, I will use #Azure#Functions, which has enough free requests for now.