all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The Most Dangerous Entra Role You’ve (Probably) Never Heard Of

Add to bookmarks
Feb. 16, 2024, 4:56 p.m. | Andy Robbins

Security Boulevard securityboulevard.com

Entra ID has a built-in role called “Partner Tier2 Support” that enables escalation to Global Admin, but this role is hidden from view in the Azure portal GUI.


Why it matters



  • An adversary may target the “Partner Tier2 Support” role to maintain stealthy, privileged persistence in an Entra ID tenant

  • Since the Azure portal GUI obscures this role, it can be challenging for Azure admins and security professionals to audit assignments for this role


Update:



  • While the Entra “Roles and …

admin adversary azure bloodhound bloodhound-enterprise called cloud computing cloud security cybersecurity entra entra id escalation global gui hidden may partner persistence portal privileged role support target

Visit resource

More from securityboulevard.com / Security Boulevard

What is General Data Protection Regulation Act (GDPR)? 5 hours ago | securityboulevard.com
act adoption center challenges +32
Cloud Monitor Automation Improves K-12 Cybersecurity Training & Awareness 15 hours ago | securityboulevard.com
automation awareness chief cloud +28
USENIX Security ’23 – UVSCAN: Detecting Third-Party Component Usage Violations in IoT Firmware 18 hours ago | securityboulevard.com
access authors conference events +15
Local Privilege Escalation Vulnerability in Ant Media Server (CVE-2024-32656) 20 hours ago | securityboulevard.com
ant application customers cve +21
Understanding Cybersecurity Vulnerabilities 20 hours ago | securityboulevard.com
advice attacks can cybersecurity +12
Bridging the Gap: Uniting Development and AppSec 21 hours ago | securityboulevard.com
application security appsec aspm bridging the gap +20
Open-Source Software Security 22 hours ago | securityboulevard.com
blog blog post cloud cloud-native +14
USENIX Security ’23 – Union Under Duress: Understanding Hazards of Duplicate Resource Mismediation in Android … 22 hours ago | securityboulevard.com
access android authors conference +20
How to secure GraphQL APIs: challenges and best practices 1 day ago | securityboulevard.com
apis api security best practices challenges +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Open-Source Intelligence (OSINT) Policy Analyst (TS/SCI)

@ WWC Global | Reston, Virginia, United States
View on infosec-jobs.com

Security Architect (DevSecOps)

@ EUROPEAN DYNAMICS | Brussels, Brussels, Belgium
View on infosec-jobs.com

Infrastructure Security Architect

@ Ørsted | Kuala Lumpur, MY
View on infosec-jobs.com

Contract Penetration Tester

@ Evolve Security | United States - Remote
View on infosec-jobs.com

Senior Penetration Tester

@ DigitalOcean | Canada
View on infosec-jobs.com
View more jobs