all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Hackers Abuse Azure AD Abandoned Reply URLs to Escalate Privilege

Add to bookmarks
Aug. 30, 2023, 7:03 a.m. | Eswar

GBHackers On Security gbhackers.com

Recent reports indicate that there has been a privilege escalation vulnerability discovered, which arises due to abandoned Active Directory URLs. Threat actors can use this flaw to gain illegal authorization codes that can be used against Microsoft Power Platform API to gain access tokens and escalate their privileges. Microsoft has patched these vulnerabilities as soon […]


The post Hackers Abuse Azure AD Abandoned Reply URLs to Escalate Privilege appeared first on GBHackers - Latest Cyber Security News | Hacker News …

abuse access access tokens active directory api authorization azure azure ad cyber security directory escalation flaw hackers illegal microsoft microsoft power platform platform power power platform privilege privilege escalation privileges reports threat threat actors tokens urls vulnerability

Visit resource

More from gbhackers.com / GBHackers On Security

NETGEAR buffer Overflow Vulnerability Let Attackers Bypass Authentication 2 days, 3 hours ago | gbhackers.com
1.0.6 address attacker attackers +30
5000+ CrushFTP Servers Hacked Using Zero-Day Exploit 2 days, 5 hours ago | gbhackers.com
access attacks can crushftp +30
13,142,840 DDoS Attacks Targeted Organization Around The Globe 2 days, 5 hours ago | gbhackers.com
attacks block can crash +16
Hackers Exploit Old Microsoft Office 0-day to Deliver Cobalt Strike 2 days, 6 hours ago | gbhackers.com
attack beacon cobalt cobalt strike +17
Microsoft Publicly Releases MS-DOS 4.0 Source Code 2 days, 9 hours ago | gbhackers.com
code computing cyber-attack cyber security +16
New SSLoad Malware Combined With Tools Hijacking Entire Network Domain 2 days, 9 hours ago | gbhackers.com
addition attack campaign cobalt +24
Palo Alto Networks Shares Remediation Advice for Hacked Firewalls 2 days, 10 hours ago | gbhackers.com
access advice alto breach +26
Analyze Malicious Powershell Scripts by Running Malware in ANY.RUN Sandbox 2 days, 23 hours ago | gbhackers.com
access antivirus any.run attackers +32
Beware! Zero-click RCE Exploit for iMessage Circulating on Hacker Forums 3 days, 3 hours ago | gbhackers.com
apple click code code execution +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Network Security Engineer

@ Meta | Menlo Park, CA | Remote, US
View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Washington, DC
View on infosec-jobs.com

Threat Investigator- Security Analyst

@ Meta | Menlo Park, CA | Seattle, WA | Washington, DC
View on infosec-jobs.com

Security Operations Engineer II

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Bug Bounty -- Associate -- Dallas

@ Goldman Sachs | Dallas, Texas, United States
View on infosec-jobs.com
View more jobs