Get a Pentest and security assessment of your IT network.

Cyber Security

Microsoft OAuth Flaw Opens Azure Accounts to Takeover

A vulnerability in the way Microsoft applications use OAuth for third-party authentication could allow an attacker to take over Azure cloud accounts. The vulnerability was discovered Oct. 29 and fixed Nov. 19. Researchers discovered three vulnerable Microsoft applications that trust these unregistered domains. Attackers can take advantage of this by taking over these domains and then registering them, meaning that they would be approved by default and could request users access_tokens which would then allow them to take actions.

Source: https://threatpost.com/microsoft-oauth-flaw-azure-takeover/150737/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation