A bug left your Microsoft account wide open to complete takeover
Bug bounty hunter Sahad Nk recently uncovered a series of vulnerabilities that left Microsoft users’ accounts — from your Office documents to your Outlook emails — susceptible to hacking.
While working as a security researcher with cybersecurity site SafetyDetective, Nk discovered that he was able to take over the Microsoft subdomain, http://success.office.com, because it wasn’t properly configured. This allowed the bug hunter to set up an Azure web app that pointed to the domain’s CNAME record, which maps domain aliases and subdomains to the main domain. By doing this, Nk not only takes control of the subdomain, but also receives any and all data sent to it. Read more...
More about Microsoft, Hacking, Office, Bugs, and VulnerabilityCOntributer : Mashable https://ift.tt/2SDKKsr
A bug left your Microsoft account wide open to complete takeover
Reviewed by mimisabreena
on
Wednesday, December 12, 2018
Rating:
No comments:
Post a Comment