Palo Alto Networks

Secrets Management

Abuse and Mitigation of Misconfigured SAS Tokens

An AI research team recently made a massive mistake when they published a bucket of open-source training data on GitHub that included terabytes of additional private data. This data contained a disk backup of employees’ workstations, containing all their secrets, private keys, passwords and thousands of internal messages!

The researchers shared the files using SAS tokens, a feature from Azure Storage accounts that allows data to be shared through the system. The uninten...

Nov 20, 2023

Subscribe to Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.