all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SyncJacking: Hard Matching Vulnerability Enables Azure AD Account Takeover

Add to bookmarks
Nov. 18, 2022, 6 a.m. | Tomer Nahum

Security Boulevard securityboulevard.com

This post describes an abuse of hard matching synchronization in Azure AD Connect that can lead to Azure AD account takeover. These findings build on the research that Semperis published in August, which described abuse of soft matching (also known as SMTP matching). This SyncJacking vulnerability means that an attacker with certain privileges can abuse ...


The post SyncJacking: Hard Matching Vulnerability Enables Azure AD Account Takeover appeared first on Semperis.


The post SyncJacking: Hard Matching Vulnerability Enables Azure …

account account takeover active directory azure azure ad hard takeover vulnerability

Visit resource

More from securityboulevard.com / Security Boulevard

Miggo Unfurls Real-Time Application Detection and Response Platform 3 hours ago | securityboulevard.com
ai and machine learning in security and response api security application +21
From Caesar to Cyberspace: The Growing Menace of Obfuscated Phishing Scams 4 hours ago | securityboulevard.com
attackers caesar cto corner cyberattacks +17
HHS Strengthens Privacy of Reproductive Health Care Data 5 hours ago | securityboulevard.com
administration biden biden administration care +37
UnitedHealth: Ransomware Attackers Stole Huge Amount of Data 7 hours ago | securityboulevard.com
attackers breach care cloud security +32
Oak Ridge, McCrary Institute Establish Cybersecurity Center Focused on Electrical Grid 8 hours ago | securityboulevard.com
addition center centers critical +29
PuTTY SSH Client Vulnerability Allows Private Key Recovery 9 hours ago | securityboulevard.com
blog client critical critical vulnerability +15
5 Tips for API Hackers on Picking Your First Target 9 hours ago | securityboulevard.com
api api hacking fundamentals api hacking mindset apis +11
TuxCare Names Glen Kuhne as Vice President of Enterprise Sales 11 hours ago | securityboulevard.com
alto april customer customer success +22
AI: Friend or Foe? Unveiling the Current Landscape with MixMode’s State of AI in Cybersecurity … 11 hours ago | securityboulevard.com
ai ai cybersecurity artificial artificial intelligence +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Engineering Professional

@ Nokia | India
View on infosec-jobs.com

Cyber Intelligence Exercise Planner

@ Peraton | Fort Gordon, GA, United States
View on infosec-jobs.com

Technical Lead, HR Systems Security

@ Sun Life | Sun Life Wellesley
View on infosec-jobs.com

SecOps Manager *

@ WTW | Thane, Maharashtra, India
View on infosec-jobs.com

Consultant Appels d'Offres Marketing Digital

@ Numberly | Paris, France
View on infosec-jobs.com
View more jobs