Microsoft Threat Intelligence recently identified a sophisticated cyberattack by the threat actor Storm-2949, focused on massive data exfiltration from Microsoft 365 and Azure environments. Moving away from traditional on-premises malware, the attackers weaponized legitimate cloud management tools and Azure role-based access control (RBAC) permissions to achieve lateral movement and steal data from high-value production systems. […]
The post Hackers Abuse Azure RBAC Permissions To Steal Key Vault Secrets appeared first on Cyber Security News.