Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Microsoft Patches Vulnerability Leading to Azure Account Takeover SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Microsoft Patches Vulnerability Leading to Azure Account Takeover
Quoting SecurityWeek:

Microsoft recently addressed an OAuth 2.0 vulnerability that could allow an attacker to take over Azure accounts.

The issue impacts specific Microsoft OAuth 2.0 applications and allows an attacker to create tokens with the victim’s permissions, CyberArk’s security researchers have discovered.

SecurityWeek

Sign Up for Free or Log In to start participating in the conversation!