Critical Vulnerability in Microsoft Azure Let Hackers Take Complete Control of Azure Accounts

Researchers discovered a critical vulnerability in Microsoft Azure named “BlackDirect” that allows attackers to take over Azure users’ accounts and create tokens with the victim’s permissions. The vulnerability specifically affected Microsoft’s OAuth 2.0 applications, allowing a malicious attacker to access and control a victim’s account. “OAuth is a protocol for authorization that is commonly used as a way for end-users to grant websites or applications access to their information from other websites without giving the website or app secrets or passwords.” Its next generation, OAuth2, allows third-party applications to be granted limited access to an HTTP service; the accessing client might be a website or a mobile application.

Read full article on GBHackers

 

