“Recently, one of our pen testers found a bastion host during an #Azure assumed-breach #pentest. We were given the credentials of an employee within Azure Active Directory. The pen tester was able to log into SSH with Azure #ActiveDirectory credentials. So, he got onto the bastion host, which was a #Linux box. One of the users on that box made their home directory world readable for everyone. He rifled through that user’s directory and found credentials for Snowflake, a third-party database service. He used those credentials to connect to the 3rd-party provider and gained access to production #data.” - @sethsec on a recent episode of the Cloud Security Podcast.

https://bfx.social/3sr7t2i

Cloud Security Podcast Featuring Seth Art: Network Pentest 2.0

Learn about cloud security and cloud penetration testing in Cloud Security Podcast's interview with Seth Art, principal security consultant at Bishop Fox.

Bishop Fox