Full Disclosure: A Third (and Fourth) Azure Sign-In Log Bypass Found

https://trustedsec.com/blog/full-disclosure-a-third-and-fourth-azure-sign-in-log-bypass-found

264nyxgeek | 18 hours ago | 80 | HN

Puts me in mind of this scathing report from CISA on how a state-sponsored group broke into Microsoft and then into the State Department and a bunch of other agencies. Reads like a heist movie.

https://www.cisa.gov/sites/default/files/2024-03/CSRB%20Revi...

What I found most incredible about the story is that it wasn't Microsoft who found the intrusion. It was some sysadmin at State who saw that some mail logs did not look right and investigated.

int0x2914 hours ago | parent | next

Don't worry CISA and any other involved regulator were gutted by DOGE.

loading story #47454620

loading story #47453540

loading story #47451060

loading story #47453932

loading story #47449829

loading story #47451969

loading story #47450462

loading story #47454024

loading story #47449934

loading story #47450924

loading story #47450990

loading story #47453037

loading story #47450712

loading story #47455978

loading story #47453937

loading story #47451136

loading story #47450884

loading story #47451294

loading story #47456549

loading story #47457418

loading story #47455418

loading story #47456627

pastescreenshot14 hours ago | parent | next

[dead]

loading story #47450190

loading story #47451716

loading story #47451119

#visit	13,196,822
#session	74,665
#live-session	0