Browsed by
Author: Amal Mammadov

Unmasking CDEK Delivery Scam: A Step-by-Step Investigation (English version)


After a colleague fell victim to the same CDEK delivery scam I investigated several years ago, I decided to translate my findings for a wider audience. The original article (in Russian) is available here. We’ve all been there: anxiously awaiting a package and then receiving a seemingly legitimate message about a delivery issue. But what if that message is a trap? Recently, I encountered a sophisticated phone phishing scam using the CDEK (a popular delivery company in Belarus and Russia) name, and I…


Locking Down Your Cloud: IAM Best Practices and Auditing


Identity and Access Management (IAM) is the gatekeeper to your cloud environment. Properly configured IAM is essential for protecting sensitive data and preventing unauthorized access. This post summarizes key IAM best practices and provides a checklist for auditing your IAM setup. IAM Best Practices: A Cross-Cloud Summary These best practices apply across major cloud providers like AWS, GCP, and Azure: Group Users: Instead of managing individual user permissions, create user groups and assign permissions to the groups. This simplifies administration…


Best Practices Securing AWS S3 Buckets


Protecting your data in AWS S3 requires a multi-layered approach. Here’s a breakdown of essential best practices: 1. Access Control IAM Users & Least Privilege: Create individual IAM users and grant only the necessary permissions via IAM policies. Avoid using the root account. Bucket Policies: Use bucket policies to control access at the bucket level, defining who can access the bucket and what actions they can perform. Regular Audits: Regularly review and audit IAM and bucket policies to ensure they…


Streamlining Access: Identity and Access Management (IAM) Process


This post outlines my vision of a company’s Identity and Access Management (IAM) process, covering application integration, access granting, and revocation. It’s intended for IT/Security staff managing IAM, as well as all stakeholders involved. For this document, Entra ID is selected as the IAM system, but any other system, such as Okta, can be considered. Intro The goal is coverage of all applications and services, ensuring secure authentication and authorization using corporate credentials. This means integrating every application and service with our central Identity…


Stop Accidental Data Leaks: A Clear Guide to Google Drive File Sharing


Sharing files is a cornerstone of modern collaboration, but it’s also a leading cause of data breaches. Google Drive offers powerful sharing features, but understanding the options is crucial to avoid accidental data leaks. This guide breaks down Google Drive’s sharing settings, providing clear instructions to keep your data safe. Understanding “General Access” Settings The “General access” section in Google Drive controls who can access your file or folder via a link. Choosing the right setting is paramount. Here’s a…


Integrating Linux Infrastructure with IAM – Azure Entra ID: A Comparative Analysis


Migrating on-premises infrastructure to the cloud often involves integrating existing Linux systems with cloud-based identity providers like Azure Entra ID (formerly Azure AD). This post explores various integration options, comparing and contrasting their strengths and weaknesses to help you choose the best approach for your needs. Current State and Target Goals The environment consists of approximately 200 VMs (mostly Oracle Linux 8, with a few pfSense firewalls) hosted in a data center. Access is currently managed via SSH certificates, with user…


Hardening Your Network: A Practical Guide to Network Security


Network security is paramount in today’s interconnected world. A robust network security strategy involves multiple layers of defense, from segmentation and access control to monitoring and backups. This post provides a practical guide to hardening your network infrastructure. 1. Network Segmentation and Segregation: Limiting the Blast Radius Network segmentation divides your network into smaller, isolated zones, limiting the impact of a security breach. Segregation further categorizes these segments based on role, function, or criticality. Physical & Virtual Separation: Separate sensitive…


Craft a Killer CV: My Top Tips and Resources


I frequently get asked for CV and resume advice. So, I’ve compiled my personal checklist for creating a CV that gets noticed. These are the principles I follow, and I hope they help you too. Key Principles for a Winning CV: Tailor it: Your CV should be customized for every position you apply for. Highlight the skills and experiences most relevant to the specific job description. Don’t just send a generic CV. Focus on achievements: Quantify your accomplishments whenever possible….


Mastering Incident Management: A Practical Guide


In today’s fast-paced digital world, disruptions to IT services can have a significant impact on an organization’s operations. Effective incident management is crucial for minimizing downtime and ensuring business continuity. This post provides a practical guide to incident management, covering key concepts, prioritization, escalation, and best practices. Defining Incidents, Problems, and Requests It’s essential to distinguish between incidents, problems, and requests: Incident: An incident is a single, unplanned event that disrupts or reduces the…


Streamlining Cybersecurity: SANS Collective Controls Catalog & the Collective Risk Model


I recently caught a fantastic SANS webcast comparing and contrasting leading IT security standards. The presenters did a great job highlighting the strengths of each, culminating in a “Collective Controls Catalog” that synthesizes the best practices from across the industry. This is an invaluable resource, and I’m grateful to SANS for making it publicly available. You can find it below. Credit goes to SANS for this excellent work. The 2022 version of the Collective Risk Model (CRM) is born from discussions among…
