Microsoft on Friday said a validation error in its source code allowed for Azure Active Directory (Azure AD) tokens to be forged by a malicious actor known as Storm-0558 using a Microsoft account (MSA) consumer signing key to breach two dozen organizations.
"Storm-0558 acquired an inactive MSA consumer signing key and used it to forge authentication tokens for Azure AD enterprise and MSA
http://dlvr.it/SsFbYY
Subscribe to:
Post Comments (Atom)
Best online cybersecurity course of 2024 - TechRadar
Best online cybersecurity course of 2024 TechRadar http://dlvr.it/T6QJBW
-
A cyberespionage group with ties to North Korea has resurfaced with a stealthier variant of its remote access trojan called Konni to attack ...
-
Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution via an unserialize pop chain in __...
-
NCUA cyber breach rule would give credit unions longer reporting window than banks Banking Dive http://dlvr.it/SVVF51
No comments:
Post a Comment