Sunday, July 16, 2023

Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens

Microsoft on Friday said a validation error in its source code allowed for Azure Active Directory (Azure AD) tokens to be forged by a malicious actor known as Storm-0558 using a Microsoft account (MSA) consumer signing key to breach two dozen organizations. "Storm-0558 acquired an inactive MSA consumer signing key and used it to forge authentication tokens for Azure AD enterprise and MSA
http://dlvr.it/SsFbYY
-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Columbus won't explain critical cyber service outage hampering 311 for days - The Columbus Dispatch

Columbus won't explain critical cyber service outage hampering 311 for days  The Columbus Dispatch http://dlvr.it/TB6t50