Microsoft paid Tenable a bug bounty for an Azure bug that it says doesn’t need a fix, just better documentation
A vulnerability (or just Azure working as intended, depending on who you ask) in Microsoft’s cloud may allow miscreants to bypass firewall rules and gain access to other people’s private web resources. The problem, discovered by Tenable’s research team, stems from Service Tags, an Azure construct. These tags can be used to group IP addresses … Read more