MERCURY and DEV-1084: Destructive attack on hybrid environment - Microsoft Security Blog
Microsoft detected a unique operation where threat actors carried out destructive actions in both on-premises and cloud environments.
Azure Cloud Shell Command Injection Stealing User’s Access Tokens
This post describes how I took over an Azure Cloud Shell trusted domain and leveraged it to inject and execute commands in other users’ terminals.
MERCURY and DEV-1084: Destructive attack on hybrid environment - Microsoft Security Blog
Microsoft detected a unique operation where threat actors carried out destructive actions in both on-premises and cloud environments.
Azure Cloud Shell Command Injection Stealing User’s Access Tokens
This post describes how I took over an Azure Cloud Shell trusted domain and leveraged it to inject and execute commands in other users’ terminals.