Source |
The Hacker News |
Identifiant |
8368339 |
Date de publication |
2023-08-10 16:44:00 (vue: 2023-08-10 12:06:57) |
Titre |
Emerging Attaper Exploit: Microsoft Cross-Renant Synchronisation Emerging Attacker Exploit: Microsoft Cross-Tenant Synchronization |
Texte |
Les attaquants continuent de cibler les identités Microsoft pour accéder aux applications Microsoft connectées et aux applications SAAS fédérées.De plus, les attaquants continuent de progresser leurs attaques dans ces environnements, non pas en exploitant les vulnérabilités, mais en abusant de la fonctionnalité native de Microsoft pour atteindre leur objectif.Le groupe d'attaquant Nobelium, lié aux attaques de Solarwinds, a été
Attackers continue to target Microsoft identities to gain access to connected Microsoft applications and federated SaaS applications. Additionally, attackers continue to progress their attacks in these environments, not by exploiting vulnerabilities, but by abusing native Microsoft functionality to achieve their objective. The attacker group Nobelium, linked with the SolarWinds attacks, has been |
Envoyé |
Oui |
Condensat |
abusing access achieve additionally applications attacker attackers attacks been but connected continue cross emerging environments exploit: exploiting federated functionality gain group has identities linked microsoft native nobelium not objective progress saas solarwinds synchronization target tenant these vulnerabilities |
Tags |
Cloud
|
Stories |
Solardwinds
|
Notes |
★★
|
Move |
|