blueteamsecEnglish · 14 days ago

Weaponizing Whitelists: An Azure Blob Storage Mythic C2 Profile

1

7

Weaponizing Whitelists: An Azure Blob Storage Mythic C2 Profile

blueteamsecEnglish · 14 days ago

1

Weaponizing Whitelists: An Azure Blob Storage Mythic C2 Profile - SpecterOps

Mature enterprises lock down egress but often carve out broad exceptions for trusted cloud services. This post shows how reviewing deployment guides can help identify those exceptions and weaponize them with a new Mythic C2 profile called azureBlob.

You must log in or # to comment.

Chat

slazer2au@lemmy.world
link
fedilink
English
arrow-up
1·
14 days ago
I am absolutely guilty of having a blanket allow rule for Azure.

blueteamsec

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteamsec@infosec.pub

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

35 users / day
104 users / week
286 users / month
917 users / 6 months
224 local subscribers
627 subscribers
2.39K Posts
180 Comments
Modlog

mods:
digicat