New Spam Attack Abusing OAuth Apps to Target Microsoft Exchange Servers

By Deeba Ahmed According to Microsoft 365 Defender Research Team, in an incident they analyzed, malicious OAuth applications were deployed on compromised cloud tenants, and eventually, attackers took over Exchange servers to carry out spam campaigns. This is a post from HackRead.com Read the...

Hackers Using Malicious OAuth Apps to Take Over Email Servers

Microsoft on Thursday warned of a consumer-facing attack that made use of rogue OAuth applications deployed on compromised cloud tenants to ultimately seize control of Exchange servers and spread spam. "The threat actor launched credential stuffing attacks against high-risk accounts that didn't...

Remote Code Execution

Red Hat CloudForms is vulnerable to remote code execution. This is because the dialog for creating cloud volumes cinder provider in CloudForms does not filter cloud tenants by user. An attacker with the ability to create storage volumes could use this to create storage volumes for any other tenan...

CFME: Dialog for creating cloud volumes does not filter cloud tenants CVE-2017-7497

The dialog for creating cloud volumes cinder provider in CloudForms does not filter cloud tenants by user. An attacker with the ability to create storage volumes could use this to create storage volumes for any other tenant...