This article is part 3of a 3-part series on the top 6 cloud misconfigurations we regularly encounter during security assessments.
In this third part, we’ll look at common weaknesses around Application consent, guest users and permanent privileges.

This article is part 2 of a 3-part series on the top 6 cloud misconfigurations we regularly encounter during security assessments.
In this second part, we’ll look at common weaknesses around Email security and exposing Azure services.

This article is part 1 of a 3-part series on the top 6 cloud misconfigurations we regularly encounter during security assessments.
In this first part, we’ll look at common weaknesses around Multi-Factor Authentication (MFA) and Conditional Access policies.

Introducing Pillage Suite - a toolset to enumerate, index and analyze effective permissions and file contents in all your network shares.

CVE-2023–6338 - Moritz discovered a local privilege escalation vulnerability in the UDC (Universal Device Client) service from Lenovo. The vulnerability allows a non-privileged user to get SYSTEM permissions. The application is preinstalled and running by default as a service on many windows-based Lenovo computers.