PlasticCasio – WindowsTechs.com

Is my perception of improved security by restricting access to an MS365 tenant/associated apps on per-device basis misguided? Why?

Posted on April 22, 2022 by PlasticCasio

Receiving guidance from a contractor that restricting unknown devices (regardless of MFA, location, etc.) to an Azure tenant does not improve security in any meaningful way, and just creates a headache for the administrator who needs to ru… Continue reading Is my perception of improved security by restricting access to an MS365 tenant/associated apps on per-device basis misguided? Why?→

How to "prove" that using MS GUID alone is not proper user access control

Posted on March 1, 2022 by PlasticCasio

How can I demonstrate concretely (to leadership and developer) that using a MS v4 GUID and relying on the "difficulty" to guess the GUID of other resources in the app is not a secure form of AuthZ.
I probably can’t guess a random… Continue reading How to "prove" that using MS GUID alone is not proper user access control→

What are the pitfalls of adding a corporate eSIM to an unmanaged employee device in lieu of land-line phones?

Posted on January 5, 2022 by PlasticCasio

Instead of having a landline at each employee’s desk, allow them to add an eSIM to a compatible personal cell phone. (If possible, disable SMS for the added eSIM so it is acting as a replacement for the desk phone.)
Unmanaged phones are of… Continue reading What are the pitfalls of adding a corporate eSIM to an unmanaged employee device in lieu of land-line phones?→

RCE vs ACE vulnerability families

Posted on April 14, 2021 by PlasticCasio

Is RCE (Remote Code Execution) just ACE (Arbitrary Code Execution) over a network or is there an example where RCE is not ACE? Is RCE always the more severe of the two (with respect to gaining system admin privileges), or would it depend o… Continue reading RCE vs ACE vulnerability families→

How can I improve my sheep dipping process?

Posted on March 3, 2021 by PlasticCasio

Problem:
The hiring department occasionally sends me Word documents asking to clear the file as "safe" to open and review for purposes like resumes etc.; they can come from anywhere and are often unsolicited job applications.
Bas… Continue reading How can I improve my sheep dipping process?→

What are the (two?) definitions of SOC?

Posted on March 1, 2021 by PlasticCasio

On one hand "Security Operations Centre", but SOC is seemingly used in the reporting and certification domain, where does this come from? Is there another (or more) definitions of SOC in Information Security Compliance Certificat… Continue reading What are the (two?) definitions of SOC?→

Is the ability to export HKEY_LOCAL_MACHINE\SAM and HKEY_LOCAL_MACHINE\SYSTEM as .reg files a security concern?

Posted on February 5, 2021 by PlasticCasio

I am concerned that if it is possible to copy these as .reg files (without privs) and then (on another machine) reverse the .hiv files from them… this would probably be bad, which makes me think it’s likely not possible.
Has this/is this… Continue reading Is the ability to export HKEY_LOCAL_MACHINE\SAM and HKEY_LOCAL_MACHINE\SYSTEM as .reg files a security concern?→