Security Advisory: Insufficient Tenant Separation in Azure Synapse Service | allinfosecnews.com

c

May 12, 2022, 12:25 a.m. |

Cloud Security Alliance cloudsecurityalliance.org

This blog was originally published by Orca Security on May 9, 2022. Written by Avi Shua, Orca Security. TL;DROrca Security is issuing this security advisory for CVE-2022-29972 to address hazards in the use of the Microsoft Azure Synapse service. We believe the tenant separation in this service is insufficiently robust to protect secrets against other tenants. This belief is based on Orca Security researchers bypassing tenant separation multiple times, beginning in January, and again bypassing...

advisory azure azure synapse security security advisory service synapse

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl

Are You Ready for Microsoft Copilot? 1 day, 8 hours ago | cloudsecurityalliance.org

ai chatbot chatbot copilot customers +13

Cl

Implementing a Data-Centric Approach to Security 1 day, 8 hours ago | cloudsecurityalliance.org

access access governance can cto +13

Cl

Cloud Security Alliance (CSA) AI Summit at RSAC to Deliver Critical Tools to Help Meet … 3 days, 10 hours ago | cloudsecurityalliance.org

advice alliance april benefits +19

Cl

7 Common Causes of Data Breach: Safeguarding Your Digital Assets 3 days, 12 hours ago | cloudsecurityalliance.org

assets breach breaches connected +16

Cl

How to Set Your Small Privacy Team Up for Success 4 days, 11 hours ago | cloudsecurityalliance.org

data data protection legislation organizations +11

Cl

The Data Security Risks of Adopting Copilot for Microsoft 365 4 days, 11 hours ago | cloudsecurityalliance.org

ai assistant ai-powered assistant copilot +20

Cl

From gatekeeper to guardian: Why CISOs must embrace their inner business superhero 1 week, 2 days ago | cloudsecurityalliance.org

business ciso cisos firewalls +6

Cl

Cantwell Proposes Legislation to Create a Blueprint for AI Innovation and Security 1 week, 2 days ago | cloudsecurityalliance.org

cantwell chair commerce european union +13

Cl

Sealing Pandora's Box - The Urgent Need for Responsible AI Governance 1 week, 2 days ago | cloudsecurityalliance.org

ai governance attention box code +15

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Junior Cybersecurity Triage Analyst

@ Peraton | Linthicum, MD, United States

View on infosec-jobs.com

Associate Director, Operations Compliance and Investigations Management

@ Legend Biotech | Raritan, New Jersey, United States

View on infosec-jobs.com

Analyst, Cyber Operations Engineer

@ BlackRock | SN6-Singapore - 20 Anson Road

View on infosec-jobs.com

Working Student/Intern/Thesis: Hardware based Cybersecurity Training (m/f/d)

@ AVL | Regensburg, DE

View on infosec-jobs.com