Hackers Abuse Azure AD Abandoned Reply URLs to Escalate Privilege

30 August 2023

Recent reports indicate that there has been a privilege escalation vulnerability discovered, which arises due to abandoned Active Directory URLs. Threat actors can use this flaw to gain illegal authorization codes that can be used against Microsoft Power Platform API to gain access tokens and escalate their privileges.

Source: GBHackers

Date:

30 August 2023

Categorie(s):

NEWS

Tag(s):

Abandoned, Abuse, Azure, Cyber Security News, Cyber Threats

Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks5 May 2024
Navigating the Digital Age: AI’s Crucial Role in Cybersecurity Reinforcement5 May 2024
Dating apps kiss’n’tell all sorts of sensitive personal info4 May 2024
Multilogin Antidetect Browser Review 20244 May 2024
Navigating the API Security Landscape: A CEO’s Perspective on Embedding Zero Trust Principles4 May 2024