"Azure Admins Warned to Disable Shared Key Access as Backdoor Attack Detailed"

According to Orca Security researchers, a design flaw in Microsoft Azure could allow attackers to gain full access to a user's environment. This design flaw is that shared key authorization is enabled by default when creating storage accounts. Attackers can hunt for and use Azure access keys as a backdoor into an organization, similar to how public AWS S3 buckets have been abused in recent years, according to Orca's Roi Nisimi. These permissions have the potential to be exploited in order to get access to additional resources within a customer's tenant. It has been announced that shared key and shared access signature authorization would be disabled by default for new storage accounts at a later date. This article continues to discuss the potential exploitation and impact of the design flaw in Microsoft Azure. 

The Register reports "Azure Admins Warned to Disable Shared Key Access as Backdoor Attack Detailed"