all InfoSec news
Privilege Escalation Using SCIM Provisioning
May 10, 2024, 4:55 a.m. | Ronak Patel
InfoSec Write-ups - Medium infosecwriteups.com
Hi Fellow Hackers!!!
Happy New Year!!!
This Write-Up is about the same program i mentioned in my another article “https://medium.com/@ronak-9889/admin-account-takeover-ab7535fe0fdb”
As mentioned in that write-up this program introduced new feature called “Custom role” which allows admin to create user with custom permissions. One of the permission which could be assigned was “Access to security section”
As seen above Imagine Admin has created user with the custom role which has only “access to security section” admin permission.
As seen …
access control bug bounty cybersecurity information security privilege escalation
More from infosecwriteups.com / InfoSec Write-ups - Medium
Subdomain takeover via AWS s3 bucket
4 days, 4 hours ago |
infosecwriteups.com
Understanding the CrowdStrike 2024 Global Threat Report
4 days, 4 hours ago |
infosecwriteups.com
Prevent Cross-Site Scripting Attacks in Node.js
4 days, 4 hours ago |
infosecwriteups.com
HTB: Bizness walkthrough
4 days, 4 hours ago |
infosecwriteups.com
CozyHosting HTB Easy | Walkthrough
4 days, 4 hours ago |
infosecwriteups.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Security Compliance Strategist
@ Grab | Petaling Jaya, Malaysia
Cloud Security Architect, Lead
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)