Azure AD Vulnerability Leaks Credentials, Lets Attackers Deploy Malicious Apps

Azure AD Vulnerability Leaks Credentials, Lets Attackers Deploy Malicious Apps

Exposing an ASP.NET Core appsettings.json file containing Azure Active Directory (Azure AD) credentials poses a critical attack vector, effectively handing adversaries the keys to an organization’s cloud environment. During a recent cybersecurity assessment by Resecurity’s HUNTER Team, researchers discovered that a publicly accessible appsettings.json file had exposed the ClientId and ClientSecret of an Azure AD application, […]

The post Azure AD Vulnerability Leaks Credentials, Lets Attackers Deploy Malicious Apps appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

​The original article found on GBHackers Security | #1 Globally Trusted Cyber Security News Platform Read More