Businesses using ‘Log in with Microsoft’ could be exposed to privilege escalation and full account takeover exploits.
The post Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps appeared first on SecurityWeek.
Microsoft Azure shared key authorization can be exploited to access business data and achieve remote code execution.
The post Microsoft Azure Users Warned of Potential Shared Key Authorization Abuse appeared first on SecurityWeek.
An Azure Active Directory (AAD) misconfiguration leading to Bing.com compromise earned Wiz researchers a $40,000 bug bounty reward.
The post Microsoft Cloud Vulnerability Led to Bing Search Hijacking, Exposure of Office 365 Data appeared first on SecurityWeek.
