Microsoft has patched three new vulnerabilities in the Azure API Management service which includes two Server-Side Request Forgery (SSRF) vulnerabilities and a file upload path traversal on an internal Azure workload, according to cybersecurity firm Ermetic. The vulnerabilities were achieved through url formatting bypasses and an unrestricted file upload functionality in the API Management developer […]
Posts Tagged ‘Azure’
All of Azure DevOps REST APIs are now getting granular Personal Access Tokens (PAT). The goal of the change, which was met with glee in the cybersecurity community, is to minimize the potential damage of a leaked PAT credential. Announcing the news via an Azure DevOps blogpost, product manager Barry Wolfson said that prior to […]
Category Cloud securitySecurity
0 Comments
Resecurity, Inc. (USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in one of the malicious campaigns impersonated various services appearing to be legitimately created on the “azurefd.net” domain. This allows the bad actors to trick users and spread phishing […]
Category Cyber-crimePhishing
0 Comments
TUESDAY, APRIL 23, 2024
WHITE PAPERS
Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...
ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...
Latest Comments