Mastodawn

Mar 4, 2025

@GossiTheDog the sheer fact that #MSPs & #CSPs can access clients' setups without proper #authorization [including #KYC / #KYB, #AuthCode|s and proper authorization via contract] is already sickening.

This literally begs to be abused via #SocialEngineering / #SocialHacking of #Microsoft personnel or just blatant "#PrivilegueEscalation" through falsefully claiming to be a #MSP / #CSP contracted by the targeted company.

Such fundamental #ITsec fuckups are reasons alone not to use #Azure or any #Microsoft products & services at all...

I mean, it doesn't require #Mitnick-level skills to pull this off, since it doesn't necessitate #Lapsus-Style #SIMswap or other means to gain access...

Kevin Beaumont (@[email protected])

Attached: 3 images This is the partner.microsoft.com portal, it allows CSPs - Cloud Solution Providers - to gain access to their customer's environments. CVE-2024-49035 was around improper privilege management, i.e. being able to access things you shouldn't. It being in CISA KEV says it was being exploited in the wild. That portal allows a huge footprint of access by design.

Cyberplace