Tag

Azure Cli

All articles tagged with #azure cli

Massive Azure CLI credential spray uses legacy flow to bypass MFA, hits 78 accounts
security14 days ago

Massive Azure CLI credential spray uses legacy flow to bypass MFA, hits 78 accounts

Security researchers warn of a large-scale, automated password-spray against Microsoft Azure CLI that logged over 81 million login attempts and compromised at least 78 Microsoft accounts across 64 organizations. The attackers used the deprecated OAuth 2.0 Resource Owner Password Credentials (ROPC) flow to bypass Conditional Access policies, targeting credentials from breached lists and exploiting MFA configurations that didn’t cover Azure CLI logins. The activity originated largely from an IPv6 range linked to LSHIY LLC (AS32167). Recommendations include enforcing MFA for all users and apps, restricting the Azure CLI app to non-admins, and ensuring CAPs are fully configured to close gaps exposed by ROPC.

Microsoft's November 2023 Patch Tuesday addresses critical bugs and leaked credentials
technology2 years ago

Microsoft's November 2023 Patch Tuesday addresses critical bugs and leaked credentials

Microsoft has patched a critical security vulnerability in Azure CLI that could have allowed attackers to steal credentials from GitHub Actions or Azure DevOps logs. The vulnerability, reported by a security researcher, could enable unauthenticated attackers to remotely access plain text contents written by Azure CLI to CI/CD logs. Microsoft advises customers to update to the latest Azure CLI version (2.54) and take steps to prevent accidental exposure of secrets in logs. The company has also implemented new security measures to restrict the presentation of secrets in output and broaden credential redaction capabilities.