New Blog | Microsoft Defender for Cloud latest protection against abuse of Azure VM Extensions

Throughout recent years, the IT world has shifted its workloads, management layers, and machines to the cloud, thus introducing a new attack surface, accompanied by new attack vectors. The following introduced a tactic for threat actors to deploy their cyber-attacks against organizations’ cloud environments, gaining strong permissions, operating for financial gain, and more.

 

Upon succeeding in compromising an identity with sufficient permissions in Azure, threat actors often try to abuse existing features within the environment that allow them to deploy their malicious activity stealthily, efficiently, and easily, and one special feature is: Azure VM extensions.

 

 

 

Read the full blog here: Microsoft Defender for Cloud latest protection against sophisticated abuse of Azure VM Extensions - Microsoft Community Hub