keyCredentials – IoT OT Security News

Microsoft Azure AD の深刻な脆弱性 CVE-2021-42306 がユーザーに通知される

Microsoft Informs Users of High-Severity Vulnerability in Azure AD

2021/11/18 SecurityWeek — 水曜日に Microsoft は、Azure Active Directory (AD) に影響を与える情報漏えいの脆弱性に、パッチを適用したと顧客に通知しました。この脆弱性 CVE-2021-42306 (CVSS 8.1) は、Azure で新しい Automation Account が設定されたときの、Run as 認証情報が作成される方法に起因している。

API (239)
APT (523)
Asia (398)
AuthN AuthZ (796)
BruteForce (67)
BugBounty (76)
CyberAttack (3,299)
DarkWeb (228)
DataBreach (550)
DataLeak (194)
DDoS (164)
DoubleExtortion (15)
Exploit (1,455)
Geopolitics (1)
Literacy (2,369)
LOLbin (58)
MageCartAttack (14)
Malware (1,454)
MCP (16)
MisConfiguration (62)
NHI (10)
Outage (106)
ParadigmShift (181)
Privacy (243)
Protection (649)
RaaS (122)
Ransomware (732)
RAT (781)
Repository (342)
Research (1,210)
Resilience (133)
Scammer (614)
SecTools (238)
SocialEngineering (49)
SupplyChain (425)
TTP (1,001)
Uncategorized (16)
Vulnerability (4,845)
WateringHoleAttack (4)
Zero Trust (382)
_AI/ML (408)
_CDN (4)
_Cloud (369)
_Container (73)
_CryptCcurrency (40)
_Defence (162)
_Education (8)
_Finance (161)
_Government (1,080)
_HealthCare (47)
_Human (51)
_ICS (85)
_IDS/IPS (182)
_Industry (221)
_Infrastructure (129)
_Mobile (162)
_OpenSource (1,395)
_PLC (39)
_Regulation (158)
_Retail (78)
_RTOS (6)
_Space (26)
_Statistics (419)
_Storage (70)
_Telecom (77)
_Transportation (56)