Ariel Simon
Ariel Simon is a seasoned cybersecurity researcher with extensive expertise in cloud security, vulnerability research, and identity security. Currently, he works as a Security Researcher at Token Security. Ariel mainly works on uncovering critical vulnerabilities in cloud environments. Before joining Token Security, Ariel served in the IDF as a Senior Security Researcher in Unit 81. There, he led large-scale cyber projects. His hands-on experience includes whitebox and blackbox application research, advanced penetration testing, and malware analysis.
Session
Azure’s Role-Based Access Control (RBAC) model simplifies identity and permissions management by offering predefined, built-in roles. However, even seemingly trusted built-in roles can introduce unexpected risks.
In this talk, we’ll examine multiple over-privileged Azure built-in roles that grant excessive permissions beyond their intended scope, enabling attackers to enumerate assets, map attack paths, leak exposed secrets, and access critical configurations. Additionally, we’ll discuss a newly discovered Azure API vulnerability that allows attackers to leak the key for the Azure VPN service. We’ll dive into blackbox vulnerability research in Azure and demonstrate how combining these issues can lead to cloud infrastructure breaches and unauthorized access to on-premises networks via the corporate VPN, posing serious consequences for organizations.
The session concludes with actionable strategies to fortify identity security, so that security teams can maintain robust control over their cloud assets by mitigating these often-overlooked risks and stay ahead of the next major identity-driven attack.