Critical Flaws Discovered in Azure App That Microsoft Secretly Installed on Linux VMs

The Hacker News Daily Updates Hunting Cyber Criminals: A Hacker's Guide to Online Intelligence Gathering Tools and Techniques ($24.00 Value) FREE for a Limited Time The skills and tools for collecting, verifying and correlating information from different types of systems is an essential skill when tracking down hackers. Download Now Sponsored LATEST NEWS Sep 16, 2021 Travis CI Flaw Exposes Secrets of Thousands of Open Source Projects Continuous integration vendor Travis CI has patched a serious security flaw that exposed API keys, access tokens, and credentials, potentially putting organizations that use public source code repositories at risk of further attacks. The issue — tracked as CVE-2021-41077 — concerns unauthorized ... Read More Third Critical Bug Affects Netgear Smart Switches — Details and PoC Released New details have been revealed about a recently remediated critical vulnerability in Netgear smart switches that could be leveraged by an attacker to potentially execute malicious code and take control of vulnerable devices. The flaw — dubbed "Seventh Inferno" (CVSS score: 9.8) — is part of a trio ... Read More Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted Attacks Microsoft on Wednesday disclosed details of a targeted phishing campaign that leveraged a now-patched zero-day flaw in its MSHTML platform using specially-crafted Office documents to deploy Cobalt Strike Beacon on compromised Windows systems. "These attacks used the vulnerability, tracked ... Read More You Can Now Sign-in to Your Microsoft Accounts Without a Password Microsoft on Wednesday announced a new passwordless mechanism that allows users to access their accounts without a password by using Microsoft Authenticator, Windows Hello, a security key, or a verification code sent via SMS or email. The change is expected to be rolled out in the coming weeks. ... Read More Critical Flaws Discovered in Azure App That Microsoft Secretly Installs on Linux VMs Microsoft on Tuesday addressed a quartet of security flaws as part of its Patch Tuesday updates that could be abused by adversaries to target Azure cloud customers and elevate privileges as well as allow for remote takeover of vulnerable systems. The list of flaws, collectively called OMIGOD by ... Read More Hunting Cyber Criminals: A Hacker's Guide to Online Intelligence Gathering Tools and Techniques ($24.00 Value) FREE for a Limited Time The skills and tools for collecting, verifying and correlating information from different types of systems is an essential skill when tracking down hackers. Download Now Sponsored This email was sent to myemailku.ghdbrevo2018@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here. Contact The Hacker News: info@thehackernews.com Unsubscribe The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India