Security Mindset Blog

Infrastructure Security Supply Chain Security Notes Resources About Me

Tracking OMIGOD Vuln

Sep 22, 2021

From Wiz - The Researchers that found the vuln

https://www.wiz.io/blog/secret-agent-exposes-azure-customers-to-unauthorized-code-execution
https://www.wiz.io/blog/omigod-critical-vulnerabilities-in-omi-azure
https://www.wiz.io/blog/update-everything-you-need-to-know-about-omigod-from-the-team-that-discovered-it

From Microsoft

https://msrc-blog.microsoft.com/2021/09/16/additional-guidance-regarding-omi-vulnerabilitieswithin-e-vm-management-extensions/
https://techcommunity.microsoft.com/t5/azure-sentinel/hunting-for-omi-vulnerability-exploitation-with-azure-sentinel/ba-p/2764093
https://techcommunity.microsoft.com/t5/azure-sentinel/azure-sentinel-to-go-a-linux-lab-with-auoms-set-up-to-learn/ba-p/2772581

Security Mindset Blog

Manuel Berrueta

ManuelBerrueta
manuel-berrueta
ManuelBerrueta

The Security Mindset is a blog about security & technology that covers a wide range of topics including but not limited to Red Team & Purple Team, AppSec, and security best practices.