all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Major service tag security problems reported in Microsoft Azure

Add to bookmarks
June 4, 2024, 6:19 p.m. |

CSO Online www.csoonline.com

Tenable Research has reported a vulnerability in Microsoft Azure service tags that “allows an attacker to bypass firewall rules … by forging requests from trusted services.”


“The vulnerability was discovered initially in the Azure Application Insights service, but we and the Microsoft Security Response Center (MSRC) eventually found that it affects more than 10 other Azure services,” according to the report, released June 3. “In each case, attackers would be able to access other internal and private Azure services.” …

application attacker azure azure service bypass center cloud security firewall firewall rules found insights major microsoft microsoft azure microsoft security msrc problems requests research response rules security security-practices service services tag tags tenable vulnerabilities vulnerability

Visit resource

More from www.csoonline.com / CSO Online

Building the foundation for secure Generative AI 31 minutes ago | www.csoonline.com
adoption artificial artificial intelligence building +23
Unlocking the potential of Generative AI starts with a secure foundation 39 minutes ago | www.csoonline.com
benefits data foundation generative +14
Formerly legitimate Polyfill.io domain abused to serve malicious code 2 hours ago | www.csoonline.com
attack browsers check code +16
Microsoft-owned vendor blamed for massive healthcare breach 6 hours ago | www.csoonline.com
access breach communications compromised +20
Orca bolsters cloud security offering with source code support 8 hours ago | www.csoonline.com
capabilities cd pipelines cloud cloud security +17
Cloud security faces pressure from AI growth, multi-cloud use 8 hours ago | www.csoonline.com
ai integration cloud cloud-based cloud resources +20
Continuous red-teaming is your only AI risk defense 9 hours ago | www.csoonline.com
ai models ai risk capabilities cisos +17
What is digital executive protection and how does it work? 13 hours ago | www.csoonline.com
corporate corporate executives cso and ciso cyberattacks +28
Organizations with outdated security approaches getting hammered: Cloudflare 23 hours ago | www.csoonline.com
apis application applications application security +19

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Technology Specialist I: Windows Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, California
View on infosec-jobs.com

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA
View on infosec-jobs.com

Account Executive - Secureworks Direct Sales - US Remote Philadelphia

@ Dell Technologies | Remote - Pennsylvania, United States
View on infosec-jobs.com

SATCOM Technician - Shariki, Japan - Secret Clearance (Onsite)

@ RTX | RVA99: RTN Remote, Virginia
View on infosec-jobs.com

Senior Test Engineer

@ Commonwealth Bank | Bengaluru - Manyata Tech Park Road
View on infosec-jobs.com

Lead Developer - Pipeline & Algorithms

@ Arctic Wolf | Waterloo
View on infosec-jobs.com