The US National Security Agency has published a security advisory on Thursday warning about two techniques hackers are using to escalate access from compromised local networks into cloud-based infrastructure.
The advisory comes on the heels of the massive SolarWinds supply chain hack that has hit several US government agencies, security firm FireEye, and most recently, Microsoft.
While the NSA doesn’t specifically mention the SolarWinds hack in its advisory, both techniques described in the document have also been spotted being abused by the SolarWinds hackers to escalate access to cloud resources after initially gaining access to local networks via the trojanized SolarWinds Orion app — as per advisories from FireEye, Microsoft, and CISA (the US Cybersecurity and Infrastructure Security Agency).
