Two XSS Vulnerabilities in Azure with Embedded postMessage IFrames
Microsoft Azure offers a diverse range of services that empower organizations with convenient and scalable cloud infrastructure solutions. However, even...
Microsoft Azure offers a diverse range of services that empower organizations with convenient and scalable cloud infrastructure solutions. However, even...
In recent years, supply chain attacks targeting software developers and suppliers have become increasingly common. The primary objective of these...
Today, at BlueHat IL 2023, we proudly announced our discovery of a new vulnerability in Azure, which we've dubbed 'Super...
As we approach the middle of 2023, we thought it an appropriate time to reflect on the cloud security risks...
In the third part of the Orca Security blog post series about Azure AD and IAM, Roee shares research on...
Table of contentsWhat are managed identities?Getting a managed identity access tokenThe known privilege escalation methodMy research objectivesEscalation to managed identities’...
Google’s approach to Identity and Access Management is relatively the most straightforward among the three major cloud providers.
A short tutorial on Azure Active Directory (AD) & IAM to lay the the groundwork for future posts.
Orca Security breaks down the anatomy of an Identity and Access Management based cyber attack on AWS, and how to...