Kali for Azure

Screen Shot 2017-02-07 at 08.36.59I have been using/playing with Azure lately. Everything from server builds, Azure AD, network security and all those magical app services and microservices for AI, cognitive behaviour, threat analytics and more. Playing with Azure is free for a limited subscription with enough cash to play with most (although not resource intensive) services. See here.

Azure security enables you to protect, detect and respond your services. What I find even more interesting from a security perspective is how you can penetration test your Azure ser vices using Kali for Azure. Have not yet tested it out myself, but plan to. It can be acquired here.

Just make sure you let Microsoft know if you plan to pentest something – as you probably would if you tested your corporate network:)

Mobile Trojans with SMS C&C

Looked into the Android SpySMS torjan as they say it has infected 40k users phones. This Mobile Trojan is using SMS as C&C protocol the way IRC C&C were used by PC Trojans back in the days. Got me thinking that the reliable SMS protocol is a nice protocol to control the android bots. The way this app try to block anti-virus from running and the long list of banking apps it controls is rather interesting as this has historically been more adapted by PC trojans and malware.