all InfoSec news
The Most Dangerous Entra Role You’ve (Probably) Never Heard Of
Feb. 16, 2024, 4:56 p.m. | Andy Robbins
Security Boulevard securityboulevard.com
Entra ID has a built-in role called “Partner Tier2 Support” that enables escalation to Global Admin, but this role is hidden from view in the Azure portal GUI.
Why it matters
- An adversary may target the “Partner Tier2 Support” role to maintain stealthy, privileged persistence in an Entra ID tenant
- Since the Azure portal GUI obscures this role, it can be challenging for Azure admins and security professionals to audit assignments for this role
Update:
- While the Entra “Roles and …
admin adversary azure bloodhound bloodhound-enterprise called cloud computing cloud security cybersecurity entra entra id escalation global gui hidden may partner persistence portal privileged role support target
More from securityboulevard.com / Security Boulevard
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Open-Source Intelligence (OSINT) Policy Analyst (TS/SCI)
@ WWC Global | Reston, Virginia, United States
Security Architect (DevSecOps)
@ EUROPEAN DYNAMICS | Brussels, Brussels, Belgium
Infrastructure Security Architect
@ Ørsted | Kuala Lumpur, MY
Contract Penetration Tester
@ Evolve Security | United States - Remote
Senior Penetration Tester
@ DigitalOcean | Canada