Tag
medium
threat
Unusual Azure Storage Account Key Access by Privileged User
2 rules 2 TTPsDetects unusual access to Azure Storage Account keys by users with Owner, Contributor, Storage Account Contributor, or User Access Administrator roles, potentially indicating compromised identities as seen in STORM-0501 ransomware campaigns.
Microsoft Azure +1
Storm-0501
azure
storage account
credential access
ransomware
2r
2t
low
advisory
Azure Storage Account Key Regeneration
2 rules 2 TTPsDetection of Azure Storage Account key regeneration events, which can signify potential credential access or persistence attempts by adversaries aiming to gain unauthorized access or disrupt services.
Azure Storage Account
azure
credential-access
storage-account
2r
2t