all InfoSec news
Researchers Warn of Potential Abuse of Azure Service Tags
Malware Analysis, News and Indicators - Latest topics malware.news
Microsoft is warning customers about the potential for an attacker to abuse the service tags feature in Azure to forge requests from a trusted service and bypass firewall rules, potentially gaining access to cloud resources without authorization.
The technique was discovered by researchers from Tenable, who reported it to MIcrosoft in January. MIcrosoft Security Response initially acknowledged it as a vulnerability and said the company would issue a patch, but later decided that a patch was not necessary and …
abuse access attacker authorization azure azure service bypass cloud cloud resources customers feature firewall firewall rules forge microsoft requests researchers resources rules service tags tenable warning