Microsoft Azure

Remote code execution vulnerability in Azure Data Factory and Azure Synapse Pipelines infrastructure

On: May 10, 2022

Tagged: Azure Data Factory, Azure Synapse, Common Vulnerability Scoring System (CVSS), cybersecurity, Hacking, Information Security, Integration Runtime (IR), Microsoft, Microsoft Azure, Orca Security, remote code execution (RCE), security flaws, vulnerability

Microsoft announced the release of several security updates to address a severe vulnerability in the Azure Synapse and Azure Data Factory pipelines whose exploitation would allow threat actors to executeRead More →

Npm factory is very risky to use as hundreds more packages with backdoor found

On: March 28, 2022

In: Cyber Security

Tagged: backdoor, Cyberattack, cybercrime, cybersecurity, hackers, Hacking, incidents, Information Security, Interactsh, JFrog, malware, Microsoft Azure, Node Package Manager (npm), Security breach, security flaws

JFrog cybersecurity specialists are investigating a wave of malicious Node Package Manager (npm) packages deployed by an unidentified threat actor. This threat was first detected on March 21, with 200Read More →

AutoWrap vulnerability in Azure Automation Service allows anybody to take over your account

On: March 8, 2022

In: Vulnerabilities

Tagged: Azure Sandbox, Cyberattack, cybercrime, cybersecurity, hackers, Hacking, incidents, Information Security, Microsoft, Microsoft Azure, privilege escalation, security flaws, tokens

In its latest security alert, Microsoft reports a bug in its Azure cloud platform that allowed users full access to other users’ accounts. The flaw, dubbed as “AutoWarp”, was reportedRead More →

Researchers publish details of the easy-to-exploit ChaosDB vulnerability affecting Azure Cosmos DB database solution

On: November 12, 2021

In: Vulnerabilities

Tagged: Blackhat Europe, ChaosDB, Common Vulnerability Scoring System (CVSS), Cosmos DB, Cyberattack, cybersecurity, databases, hackers, Hacking, incidents, Information Security, Microsoft, Microsoft Azure, research, vulnerability

A few months ago a group of researchers discovered the ChaosDB vulnerability, a severe flaw in the Azure Cosmos DB database solution whose exploitation would allow threat actors to accessRead More →

SolarWinds hackers steal source code from Azure, Exchange and other Microsoft products

On: February 18, 2021

In: Cyber Security

Tagged: Cyberattack, cybersecurity, Hacking, Microsoft, Microsoft Azure, MICROSOFT EXCHANGE, SolarWinds

The infamous SolarWinds cyberattack keeps bringing undesirable consequences for public and private organizations around the world; an example of this is the latest announcement by Microsoft security teams. The companyRead More →

Sparrow, the hacking tool developed by the US Govt. to scan Office 365 & Azure environments

On: December 28, 2020

In: Cyber Security

Tagged: cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Hacking, Microsoft 365, Microsoft Azure

In a recently released report, the Cybersecurity and Infrastructure Security Agency (CISA) revealed a PowerShell-based tool that might help detect potentially compromised applications and accounts in Microsoft 365 and AzureRead More →

Your Microsoft Azure servers are at risk; 2 critical vulnerabilities were found

On: October 9, 2020

In: Vulnerabilities

Tagged: cybersecurity, Hacking, Microsoft Azure, vulnerability

A group of experts revealed finding two critical vulnerabilities in App Services, a service managed by Microsoft Azure. Exploiting these flaws would allow threat actors to take control of aRead More →

Microsoft Azure

Remote code execution vulnerability in Azure Data Factory and Azure Synapse Pipelines infrastructure

Npm factory is very risky to use as hundreds more packages with backdoor found

AutoWrap vulnerability in Azure Automation Service allows anybody to take over your account

Researchers publish details of the easy-to-exploit ChaosDB vulnerability affecting Azure Cosmos DB database solution

SolarWinds hackers steal source code from Azure, Exchange and other Microsoft products

Sparrow, the hacking tool developed by the US Govt. to scan Office 365 & Azure environments

Your Microsoft Azure servers are at risk; 2 critical vulnerabilities were found

Critical Vulnerabilities in Cisco ASA & FTD Exposed! Learn How to Exploit CVE-2024-20353 and CVE-2024-20359

Dual Vulnerabilities in Microsoft SharePoint Server: Essential Steps to Mitigate Vulnerabilities

Exploiting the High-Risk Vulnerabilities in Secure Boot of Most Linux Devices on the Planet

Hackers’ New Target is containerized environments through vulnerabilities in runC

Hacking Android, Linux, macOS, iOS, Windows Devices via Bluetooth using a single vulnerability

110 Million AT&T Customers’ Data leaked: Inside the $370,000 Ransom Payment

How Hackers Stole Taylor Swift Tickets: The Full Ticketmaster Breach Story

Dark Web Sale: AMD’s Confidential Data Leaked – Full Story Revealed!

How Snowflake Hack is Linked to Santander(Spain, Chile, Uruguay) and Ticketmaster Breaches.Are You Affected?

Healthcare Hack Horror: Cyberattacks Leave French Hospitals in Chaos for $10 Million

Hacking the Unhackable: The Story of How CISA Was Breached

The Cloudflare Hack: A Hacker, 5000 Credentials, and Operation Code Red

Comparing CIS v8, CIS AWS Foundations Benchmark v1.5, and PCI DSS v4.0 for CSPM. Which you Should Start With?

MITRE EMB3D Explained: Top Threats to Embedded Devices and How EMB3D Mitigates Them

Google Gemini Under Fire: Critical Security Vulnerabilities You Need to Know to hack Gemini

Cracking SCCM Wide Open: Pentesting System Center Configuration Manager with Misconfiguration Manager

Hacking Windows 10 and 11 with DLL Search Order Hijacking without administrator rights

Hacking SSH Connections by exploiting SSH Protocol Vulnerabilities: Different Terrapin Attack Vectors

Understanding Latest DHCP DNS Vulnerabilities and How DHCP Exploits work in Active Directory

Hacking Bluetooth via MiTM: The BLUFFS Bluetooth attack to hack into Millions of Devices

6 Steps to File Anonymous SEC Complaints Against Data Breachers & Force Them to Pay Fines or Take Action

Inside the Exploit: How Your ChatGPT’s Uploaded Files Could Be Stolen by Prompt Injection Vulnerability

This Google Calendar technique allows to hack into companies without getting detected

This telegram bot is like ChatGPT for scammers to steal money from victims easily

How easy is to bomb someone mobile phone with thousands of SMS messages?

This new DDoS attack prevention technique has a 99% accuracy rate

How to secure Cisco Firepower Threat Defense (FTD) firewalls ?

The Dark Side of PDFs: How Opening a Simple PDF Could Unleash a Cybersecurity Nightmare

Largest soft drink bottle supplier, recycle and plastic manufacturers hacked by ransomware

Visited thesaurus.com in search for Synonyms? You have Coinminer malware infection

How to send malware via Teams, even “Safe Attachments” or “Safe Links” can’t protect you

2 Big Cloud hosting companies shutdown by ransomware and lose all customer data