Sys-Admin & InfoSec Channel

Unauthorized Access to Cross-Tenant Applications in Microsoft Power Platform

A researcher at Tenable has discovered an issue that enables limited, unauthorized access to cross-tenant applications and sensitive data (including but not limited to authentication secrets). Background The issue occurred as a result of insufficient access control to Azure Function hosts, which are launched as part of the creation and operation of custom connectors in Microsoft’s Power Platform (Power Apps, Power Automation).

Midnight Blizzard conducts targeted social engineering over Microsoft Teams | Microsoft Security Blog

Microsoft Threat Intelligence has identified highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chats by the threat actor that Microsoft tracks as Midnight Blizzard (previously tracked as NOBELIUM).

The Massive macOS Threats Trending in the Dark Web. | Guardz.com

The recent reveal of ShadowVault malware in our blog post decidedly piqued the interest of the cybersecurity news community. Keeping up-to-date with the

Evasive Phishing Tactic Utilizes Google AMP | Cofense

Learn about a new phishing tactic utilizing Google Accelerated Mobile Pages (AMP) that is proving to be very successful at reaching intended targets.

CP2023-003 Vulnerability Mitigation/Remediation for Inkjet Printers (Home and Office/Large Format)

Sensitive information on the Wi-Fi connection settings stored in the memories of inkjet printers

Top 10 Active Directory Attack Methods

It is imperative that organizations are aware of the most common ways that attackers can compromise Active Directory, which are explained here.

APT Bahamut Targets Individuals with Android Malware Using Spear Messaging - CYFIRMA

EXECUTIVE SUMMARY The team at CYFIRMA recently obtained advanced Android malware targeting individuals in the South Asia region. The suspicious...

FortiGuard Labs Discovers Multiple Vulnerabilities in Microsoft Message Queuing Service | FortiGuard Labs

Get an overview of the attack surfaces of MSMQ, the approaches taken to tackle the challenges encountered during fuzzing, and additional details of the vulnerabilities. Learn more.…

GameOverlay Vulnerability Impacts 40% of Ubuntu Workloads | Wiz Blog

Wiz Research discovers CVE-2023-2640 & CVE-2023-32629, 2 privilege escalation vulnerabilities in Ubuntu's OverlayFS module impacting 40% of cloud workloads.

VulnCheck develops an exploit that gets a root shell on MikroTik RouterOS.

Lazarus Threat Group Attacking Windows Servers to Use as Malware Distribution Points - ASEC BLOG

AhnLab Security Emergency response Center (ASEC) has discovered that Lazarus, a threat group deemed to be nationally funded, is attacking Windows Internet Information Service (IIS) web servers and using them as distribution points for their malware. The group is known to use the watering hole technique for initial access. [1] The group first hacks Korean websites and modifies the content provided from the site. When a system using a vulnerable version of INISAFE CrossWeb EX V6 visits this website via a...

Zenbleed

About the security content of macOS Ventura 13.5

This document describes the security content of macOS Ventura 13.5.