Dark Reading

JSON Config File Leaks Azure ActiveDirectory Credentials

A publicly accessible configuration file for ASP.NET Core applications has been leaking credentials for Azure ActiveDirectory (AD), potentially allowing cyberattackers to authenticate directly via ...
Infosecurity-magazine.com

Azure AD Credentials Exposed in Public App Settings File

A cybersecurity assessment has uncovered a serious vulnerability involving Azure Active Directory (Azure AD). Resecurity’s HUNTER Team discovered that application credentials, specifically the ...
Redmond Magazine

Microsoft Details Attack Methods Using Azure AD Connect

Microsoft explained last week how purported nation-state attackers were able to "manipulate the Azure Active Directory (Azure AD) Connect agent," and then destroy a victim's Azure environment. The ...