Critical Azure Automation vulnerability

March 23, 2022
| No comments
B2B Cyber ​​Security ShortNews

Share post

AutoWarp is a critical vulnerability in the Azure Automation service that allows unauthorized access to other Azure customer accounts using the service. Depending on the privileges assigned by the customer, this attack could mean complete control over the target account's resources and data.

Microsoft Azure Automation enables organizations to run automation code in a managed manner. You can schedule jobs, provide input and output, and more. Each company's automation code runs in a sandbox, isolated from other customers' code running on the same virtual machine.

The vulnerability could have caused billions of dollars in damage

Research by Orca Security revealed that several large companies were using the service and could have accessed it. The AutoWarp vulnerability could have caused billions of dollars in damage. Orca reported the critical vulnerability in Azure Automation directly to Microsoft, it is now resolved and all affected customers have been notified.

"We would like to thank Yanir Tsarimi at Orca Security for reporting this vulnerability and working with the Microsoft Security Response Center (MSRC) on the Coordinated Vulnerability Disclosure (CVD) to help keep Microsoft customers safe," explains the Microsoft Security Response Center (MSRC). Before the vulnerability was fixed, companies were vulnerable to AutoWarp if they were using the Azure automation service and had the Managed Identity feature enabled in their automation account (which it is by default). Orca Security has explained the full background to the vulnerability in a blog post.

More at Orca.security

 

About Orca Security

Orca Security delivers out-of-the-box security and compliance for AWS, Azure, and GCP—without the gaps in coverage, alert fatigue, and operational costs of agents or sidecars. Simplify cloud security operations with a single CNAPP platform for workload and data protection, cloud security posture management (CSPM), vulnerability management, and compliance. Orca Security prioritizes risks based on security issue severity, accessibility, and business impact.

 

Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more

HeadCrab 2.0 discovered

The HeadCrab campaign against Redis servers, which has been active since 2021, continues to successfully infect targets with the new version. The criminals' mini-blog ➡ Read more

Short news
, , , , ,