all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Forged Azure Access Tokens Exploited by Storm-0558: A Cloud Vulnerability Transparency Gap

Add to bookmarks
July 27, 2023, 3:44 p.m. | Ofri Ouzan

Security Boulevard securityboulevard.com

Starting May 15, 2023, threat actor Storm-0558 illicitly employed forged Azure Access tokens tokens to gain unauthorized access to user emails in around 25 organizations, encompassing government agencies and various consumer accounts hosted on the public cloud. By June 2023, a Federal Civilian Executive Branch (FCEB) agency noticed unusual MailItemsAccessed events in M365 Audit Logs, ... Forged Azure Access Tokens Exploited by Storm-0558: A Cloud Vulnerability Transparency Gap


The post Forged Azure Access Tokens Exploited by Storm-0558: A Cloud Vulnerability …

access access tokens accounts actor agency azure civilian cloud consumer emails executive exploited fceb federal gap government june june 2023 may microsoft microsoft security organizations public public cloud sbn news storm storm-0558 storm-0588 threat threat actor tokens transparency unauthorized access vulnerabilities vulnerability vulnerability management

Visit resource

More from securityboulevard.com / Security Boulevard

Key Areas Where Open-Source Security Needs to Evolve 21 minutes ago | securityboulevard.com
cybersecurity cybersecurity experts effect experts +10
News alert: LayerX Security raises $24M Series A funding for its ‘enterprise browser’ security platform an hour ago | securityboulevard.com
alert browser browser security capital +26
LayerX Security Raises $24M for its Browser Security Platform, Enabling Employees to Work Securely from … an hour ago | securityboulevard.com
adoption browser browser security companies +14
Survalyzer SPF and DKIM configuration: Step By Step Guideline an hour ago | securityboulevard.com
article blog configuration dkim +6
Vtiger SPF & DKIM Setup: Step By Step Guideline 2 hours ago | securityboulevard.com
amp blog businesses cloud +11
Spamhero SPF and DKIM configuration: Step By Step Guideline 2 hours ago | securityboulevard.com
article blog configuration dkim +6
How to Protect Against Phishing Attacks 2 hours ago | securityboulevard.com
attacks business cybersecurity guide +6
Simply SPF and DKIM configuration: Step By Step Guideline 2 hours ago | securityboulevard.com
article blog configuration dkim +6
Showpad SPF and DKIM configuration: Step By Step Guideline 2 hours ago | securityboulevard.com
article blog configuration dkim +6

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Associate Manager, BPT Infrastructure & Ops (Security Engineer)

@ SC Johnson | PHL - Makati
View on infosec-jobs.com

Cybersecurity Analyst - Project Bound

@ NextEra Energy | Jupiter, FL, US, 33478
View on infosec-jobs.com

Lead Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Junior Information Security Coordinator (Internship)

@ Garrison Technology | London, Waterloo, England, United Kingdom
View on infosec-jobs.com

Sr. Security Engineer

@ ScienceLogic | Reston, VA
View on infosec-jobs.com
View more jobs