Christian Bortone (@xybytes)
Prague, Czech Republic. Joined February 2019.
180 followers, 5 following, 5 media, 14 statuses.
Weak ACLs in AD and misconfigured dynamic groups in Azure AD are not new vulnerabilities. But when they intersect in a hybrid environment, they create a powerful, and often overlooked, attack path. You can read my article here. 🫡
I was at @BSidesZagreb last week. I gave a talk on Privilege Escalation in Azure Machine Learning. If you're interested, check out this article on the topic. Plus, there are two scripts in MicroBuster that you can use for enumeration. 🙂 https://t.co/debXVMJR3h
In my latest research article, I take a close look at the weaknesses within Azure Application Proxy, demonstrating how impersonating the connector can enable traffic hijacking from outside the infrastructure. https://t.co/a7jx0u9baq
During my exploration of Azure Arc, I noticed that the Azure Arc Management Tool can be used to coerce NTLM authentication. The interesting part is that all the other options require local administrator permissions—except for this one. 🤔 https://t.co/jbyn5BsoPR
Finally, I achieved my first Microsoft CVE! (And maybe the last one. 🤣 ) https://t.co/E8EAyw6f9k This is also a zero-day for which I received a substantial four-figure bounty, the largest reward I've ever got. So, I was quite surprised. #AzureCycleCloud #CVE
Basically, it is the reason on which "non-culture" is founded today. How much I miss you, how much I miss your words ♥️ #MichelaMurgia
I am excited to announce that I will be presenting a new attack technique in Azure Arc that I discovered, at BSides Leeds. In this talk, I will discuss a recent security flaw that enables bad actors within a corporate environment to gain control over a service principal account.
To all my fellow pen testing buddies out there, this meme is dedicated to the unlucky soul who started an engagement, only to face a server that took a 24-hour nap or developers who removed functionality from the web app to avoid being tested. It can be f… https://t.co/tKVDGG9dKC