Guidance on Potential Misconfiguration of Authorization of Multi-Tenant Applications that use Azure AD
2023-3-29 15:0:0 Author: msrc-blog.microsoft.com(查看原文) 阅读量:10 收藏

Guidance on Potential Misconfiguration of Authorization of Multi-Tenant Applications that use Azure AD

Wednesday, March 29, 2023

Summary Summary Microsoft has addressed an authorization misconfiguration for multi-tenant applications that use Azure AD, initially discovered by Wiz, and reported to Microsoft, that impacted a small number of our internal applications. The misconfiguration allowed external parties read and write access to the impacted applications. Microsoft immediately corrected the misconfiguration and added additional authorization checks to address the issue and confirmed that no unintended access had occurred.

Microsoft Mitigates Outlook Elevation of Privilege Vulnerability

Tuesday, March 14, 2023

March 24, 2023 update: Impact Assessment has been updated to a link to Guidance for investigating attacks using CVE-2023-23397 - Microsoft Security Blog. March 23, 2023 update: See Releases for Microsoft Products below for clarification on product changes and defense in depth update availability. Summary Summary Microsoft Threat Intelligence discovered limited, targeted abuse of a vulnerability in Microsoft Outlook for Windows that allows for new technology LAN manager (NTLM) credential theft to an untrusted network, such as the Internet.

Azure Kubernetes Service (AKS) Threat Hunting

Wednesday, March 01, 2023

As more businesses shift away from running workloads on dedicated virtual machines to running them inside containers using workload orchestrators like Kubernetes, adversaries have become more interested in them as targets. Moreover, the benefits Kubernetes provides for managing workloads are also extended to adversaries. As adversaries leverage Kubernetes to run their workloads, their understanding of how these platforms work and can be exploited increases.

Configuring host-level audit logging for AKS VMSS

Wednesday, March 01, 2023

This blog post runs you through how to enable and configure Linux audit logging on your Azure Kubernetes Service (AKS) Virtual Machine Scale Set (VMSS) using the Linux auditing subsystem, also known as auditd. Warning The information provided below is accurate as of the release date of this blog post (2023-03) and guidance may change in future.

First steps in CHERIoT Security Research

Tuesday, February 28, 2023

At Microsoft, we invest a lot of time researching and investigating possibilities in our journey to memory safety. Because the massive majority of existing codebases are written in unsafe programming languages, the task of protecting legacy code is very important. Hardware solutions are an attractive approach because they introduce very powerful security properties with low overheads compared to purely software solutions.

New MSRC Blog Site

Wednesday, February 08, 2023

We are excited to announce the release of the new Microsoft Security Response Center (MSRC) blog site. Please visit msrc.microsoft.com/blog/ starting February 9th, 2023, for all past and future MSRC blog content. In addition to the new URL, we have refreshed the site with a new look and improved site performance, search, categories, and tags to help users easily find content.

BlueHat 2023: Connecting the security research community with Microsoft

Monday, February 06, 2023

We’re excited to welcome more than 400 members of the security research community from around the world to Redmond, Washington for BlueHat 2023. Hosted by the Microsoft Security Response Center (MSRC), BlueHat is where the security research community, and Microsoft security professionals, come together as peers to connect, share, learn, and exchange ideas in the interest of creating a safer and more secure world for all.

Microsoft Investigation - Threat actor consent phishing campaign abusing the verified publisher process

Tuesday, January 31, 2023

Summary Summary On December 15th, 2022, Microsoft became aware of a consent phishing campaign involving threat actors fraudulently impersonating legitimate companies when enrolling in the Microsoft Cloud Partner Program (MCPP) (formerly known as Microsoft Partner Network (MPN)). The actor used fraudulent partner accounts to add a verified publisher to OAuth app registrations they created in Azure AD.

Congratulations to the Top MSRC 2022 Q4 Security Researchers!

Thursday, January 26, 2023

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2022 Q4 Security Researcher Leaderboard are: goodbyeselene, Jarvis_1oop, and kap0k! Check out the full list of researchers recognized this quarter here.

Microsoft resolves four SSRF vulnerabilities in Azure cloud services

Tuesday, January 17, 2023

Summary Summary Microsoft recently fixed a set of Server-Side Request Forgery (SSRF) vulnerabilities in four Azure services (Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digital Twins) reported by Orca Security. These SSRF vulnerabilities were determined to be low risk as they do not allow access to sensitive information or Azure backend services.


文章来源: https://msrc-blog.microsoft.com/blog/2023/03/guidance-on-potential-misconfiguration-of-authorization-of-multi-tenant-applications-that-use-azure-ad/
如有侵权请联系:admin#unsafe.sh