all InfoSec news
GraphNinja
April 29, 2024, midnight |
The Open Cloud Vulnerability & Security Issue Database www.cloudvulndb.org
The issue involved switching the 'common' authentication endpoint with that of an unrelated tenant,
thereby avoiding the appearance of logon attempts in the victim's logs.
This technique could allow attackers to validate user credentials through verbose error messages,
but actual successful logons using these credentials would still be recorded in the victims' logs (regardless of endpoint).
attackers attacks authentication credentials detection endpoint error graph issue logon logs messages microsoft password spray user credentials victim vulnerability
More from www.cloudvulndb.org / The Open Cloud Vulnerability & Security Issue Database
GraphNinja
3 weeks, 1 day ago |
www.cloudvulndb.org
AWS Glue database password leakage
1 month, 1 week ago |
www.cloudvulndb.org
Synapse Analytics privilege escalation via intelligent caching
2 months, 2 weeks ago |
www.cloudvulndb.org
Azure Site Recovery privilege escalation
3 months, 1 week ago |
www.cloudvulndb.org
Azure HDInsight privilege escalation and DoS vulnerabilities
3 months, 2 weeks ago |
www.cloudvulndb.org
Jobs in InfoSec / Cybersecurity
Sr. Product Manager
@ MixMode | Remote, US
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
PNT/NAVWAR Space Electronic Warfare Instructor II – Officer Training Course
@ Aleut Federal | Colorado Springs, Colorado, United States
Sr Director, Cybersecurity SIRT
@ Workday | USA, VA, McLean