Back to Blog
Burp suite professional key6/18/2023 ![]() ![]() With this key, obtained either through a leakage or appropriate AD Role, an attacker can not only gain full access to storage accounts and potentially critical business assets, but also move laterally in the environment and even execute remote code.ĭue to other known risks, Microsoft already recommends disabling shared key access and advises using Azure Active Directory authentication instead. ![]() On what started as one of these typical days, we went on to discover a surprisingly critical exploitation path utilizing Microsoft Azure Shared Key authorization – a secret key-based authentication method to storage accounts. Here at Orca Security, our team of cloud researchers are continually pushing the cloud security limits to ensure that we cover the latest cloud security risks on our Orca Platform and find cloud infrastructure vulnerabilities before bad actors do. ![]()
0 Comments
Read More
Leave a Reply. |