Log in Your Own Eye - Exploiting a Stealthy C2 Channel in Azure Logging Infrastructure

Explore the exploitation of Azure Log Analytics as a covert channel in this BSidesSF 2022 conference talk. Dive into the potential security risks of cloud logging infrastructure, specifically focusing on Azure's logging system. Learn about the Custom Query Language, external data integration, and the vulnerabilities that can arise from these features. Understand the scenario, considerations, and proof of concept for this exploitation technique. Witness a live demonstration of the covert communication channel and discuss its implications as a Command and Control (C2) mechanism. Analyze potential mitigation strategies and broader security concerns related to cloud logging systems. Gain valuable insights into securing Azure environments and enhancing threat detection capabilities in cloud infrastructures.