An advisory from the U.S. National Security Agency provides Microsoft Azure administrators guidance to detect and protect against threat actors looking to access resources in the cloud by forging authentication information. The document considers an adversary that already breached the local network and has privileged access to the on-premise authentication mechanisms for the cloud infrastructure. NSA released the guidance in response to ongoing cybersecurity events referring to SolarWinds supply-chain attack that targeted private and government organizations in at least seven countries.
Source: https://www.bleepingcomputer.com/news/security/nsa-warns-of-hackers-forging-cloud-authentication-information/