At DEF CON 33, NetSPI presented a talk about how Azure resources supporting Entra ID authentication expose tenant IDs, enabling attackers to attribute cloud resources to specific organizations at scale. The post We Know What You Did (in Azure) Last Summer appeared first on NetSPI.| NetSPI
The Azure Arc service is handy for bringing on-prem systems to the cloud, but it includes features that could lead to pivots from on-prem into your Azure environment.| NetSPI
GCPwn is a pentesting tool. Learn about credential management, launching modules, permissions (including testIamPermissions), and final notes.| NetSPI
Discover how NetSPI uncovered and reported a Microsoft-managed Azure Site Recovery service vulnerability and how the finding was remediated.| NetSPI