all InfoSec news
Major service tag security problems reported in Microsoft Azure
CSO Online www.csoonline.com
Tenable Research has reported a vulnerability in Microsoft Azure service tags that “allows an attacker to bypass firewall rules … by forging requests from trusted services.”
“The vulnerability was discovered initially in the Azure Application Insights service, but we and the Microsoft Security Response Center (MSRC) eventually found that it affects more than 10 other Azure services,” according to the report, released June 3. “In each case, attackers would be able to access other internal and private Azure services.” …
application attacker azure azure service bypass center cloud security firewall firewall rules found insights major microsoft microsoft azure microsoft security msrc problems requests research response rules security security-practices service services tag tags tenable vulnerabilities vulnerability