1. SAST Online
  2. Application Security News and Articles
  3. Forged Azure Access Tokens Exploited by Storm-0558: A Cloud Vulnerability Transparency Gap
Authenticate your profile to see activity

Forged Azure Access Tokens Exploited by Storm-0558: A Cloud Vulnerability Transparency Gap

Starting May 15, 2023, threat actor Storm-0558 illicitly employed forged Azure Access tokens tokens to gain unauthorized access to user emails in around 25 organizations, encompassing government agencies and various consumer accounts hosted on the public cloud. By June 2023, a Federal Civilian Executive Branch (FCEB) agency noticed unusual MailItemsAccessed events in M365 Audit Logs, ... Forged Azure Access Tokens Exploited by Storm-0558: A Cloud Vulnerability Transparency Gap

The post Forged Azure Access Tokens Exploited by Storm-0558: A Cloud Vulnerability Transparency Gap appeared first on Rezilion.

The post Forged Azure Access Tokens Exploited by Storm-0558: A Cloud Vulnerability Transparency Gap appeared first on Security Boulevard.

27 July 2023


>>More