all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Microsoft Azure Services Flaws Could've Exposed Cloud Resources to Unauthorized Access

Add to bookmarks
Jan. 17, 2023, 2:12 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Four different Microsoft Azure services have been found vulnerable to server-side request forgery (SSRF) attacks that could be exploited to gain unauthorized access to cloud resources.
The security issues, which were discovered by Orca between October 8, 2022 and December 2, 2022 in Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digital Twins, have since been addressed

access api api management attacks azure cloud cloud resources december digital digital twins exploited exposed flaws forgery functions machine machine learning management microsoft microsoft azure microsoft azure services october orca request resources security security issues server server-side request forgery services ssrf unauthorized access vulnerable

Visit resource

More from thehackernews.com / The Hacker News

Apache Cordova App Harness Targeted in Dependency Confusion Attack 10 hours ago | thehackernews.com
actor apache app attack +21
Webinar: Learn Proactive Supply Chain Threat Hunting Techniques 12 hours ago | thehackernews.com
attacks breach cybersecurity defenses +23
Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases 13 hours ago | thehackernews.com
access action call called +30
Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery 13 hours ago | thehackernews.com
beyond breaches businesses can +15
German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies 13 hours ago | thehackernews.com
arrest china chinese federal +9
U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse 17 hours ago | thehackernews.com
businesses commercial commercial spyware department +11
Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware 19 hours ago | thehackernews.com
actor april apt28 called +21
Russian Hacker Group ToddyCat Uses Advanced Tools for Industrial-Scale Data Theft 1 day, 8 hours ago | thehackernews.com
access actor advanced adversary +21
Pentera's 2024 Report Reveals Hundreds of Security Events per Week, Highlighting the Criticality of Continuous … 1 day, 12 hours ago | thehackernews.com
compromised continuous cyberattack deploy +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Engineering Professional

@ Nokia | India
View on infosec-jobs.com

Cyber Intelligence Exercise Planner

@ Peraton | Fort Gordon, GA, United States
View on infosec-jobs.com

Technical Lead, HR Systems Security

@ Sun Life | Sun Life Wellesley
View on infosec-jobs.com

SecOps Manager *

@ WTW | Thane, Maharashtra, India
View on infosec-jobs.com

Consultant Appels d'Offres Marketing Digital

@ Numberly | Paris, France
View on infosec-jobs.com
View more jobs