New 2023 strategy document sent to Congress
Think Your MFA and PAM Solutions Protect You? Think Again
When you roll out a security product, you assume it will fulfill its purpose. Unfortunately, however, this often turns out not to be the case. A new report, produced by Osterman Research and commissioned by Silverfort, reveals that MFA (Multi-Factor Authentication) and PAM (Privileged Access Management) solutions are almost never deployed comprehensively enough to provide resilience to identity
The Hacker News | #1 Trusted Cybersecurity News Site
Outlast game development delayed after Red Barrels cyberattack
Canadian video game developer Red Barrels is warning that the development of its Outlast games will likely be delayed after the company suffered a cyberattack impacting its internal IT systems and data. […]
Microsoft Azure Vulnerability Let Attackers Bypass Firewall Rules
Tenable Research has uncovered a significant vulnerability in Microsoft Azure that allows malicious attackers to bypass firewall rules by forging requests from trusted services.
This vulnerability affects several Azure services, including:
Azure Application Insights
Azure DevOps
Azure Machine Learning
Azure Logic Apps
Azure Container Registry
Azure Load Testing
Azure API Management
Azure Data Factory
Azure Action Group
Azure AI Video Indexer
Azure Chaos Studio
Severity and Impact
Tenable Research has classified this vulnerability as a Security Feature Bypass issue.
While the Common Vulnerability Scoring System (CVSS) is typically used to measure the severity of vulnerabilities, Tenable suggests a severity rating of High for this issue due to its impact on data integrity and confidentiality.
Microsoft Security Response Center (MSRC) has acknowledged the issue as an Elevation of Privilege with a severity rating of Important and has awarded a bounty for its discovery.
Solution and Recommendations
Microsoft has opted to address the issue by creating centralized documentation to inform customers about usage patterns for service tags. However, the vulnerable behavior still exists in customer environments.
Users are advised to add authentication and authorization layers to defend their assets on top of the network controls administered using service tags.
The timeline of the disclosure process is as follows:
January 24, 2024: Tenable discloses the vulnerability to Microsoft. Automated acknowledgment received.
January 31, 2024: MSRC confirms the reported behavior and awards a bounty.
February 2, 2024: MSRC devises a comprehensive fix plan and an implementation timeline.
February 26, 2024: MSRC decides to address the issue via a comprehensive documentation update and addresses more vulnerability variants.
March 6, 2024: Coordinated disclosure in May is agreed upon.
April 30, 2024: Tenable provides a blog draft to MSRC.
April 30 – May 10, 2024: Tenable coordinates with MSRC to incorporate technical comments.
June 3, 2024: Coordinated disclosure.
This vulnerability highlights the importance of robust security measures and the need for continuous monitoring and updating of security protocols.
Users of the affected Azure services should take immediate action to implement additional authentication and authorization layers to protect their assets.
The post Microsoft Azure Vulnerability Let Attackers Bypass Firewall Rules appeared first on Cyber Security News.