Apple Hide My Email vulnerability exposes real user addresses
A critical vulnerability in Apple’s Hide My Email service reportedly allows attackers to uncover the real email addresses associated with generated aliases. Discovered by security researcher Tyler Murphy, the flaw was responsibly reported to Apple over a year ago but remains unpatched despite multiple follow-ups. Independent testing by 404 Media successfully verified the exploit, confirming that a hidden iCloud address could be linked to a user's primary identity in minutes.

Massive password spray attack targets Azure CLI despite conditional access policies
A large-scale automated password spray campaign has targeted Microsoft Azure command-line interface users, resulting in over 81 million login attempts. The attack originated from an IPv6 address range managed by the infrastructure provider LSHIY LLC. While the success rate remains relatively low, the volume of these credential-based attacks has increased more than 150 times over the past six months.

Securing Microsoft 365 against rogue AI agents and identity threats
Organizations are increasingly facing risks from rogue AI agents that bypass traditional security perimeters by masquerading as legitimate user identities. These autonomous systems can gain persistent background access through unmanaged user consent or by exploiting legacy authentication flows like device-code and Resource Owner Password Credentials. Because these agents often borrow first-party application IDs, they leave no distinct service principal footprint in Microsoft Entra, making them difficult to distinguish from standard user activity.

Windows 365 gains granular trust based controls for data redirection
Microsoft has launched a public preview of context-based redirections for Windows 365 Enterprise and Flex environments. This feature replaces static allow or block rules with dynamic controls that evaluate the security posture of a session in real time. It aims to balance user productivity with data security by adjusting permissions based on the specific circumstances of a connection.

Microsoft Authenticator to block enterprise accounts on rooted and jailbroken devices
Microsoft has clarified that a new security policy for the Microsoft Authenticator app will specifically target enterprise users on compromised mobile devices. The restriction prevents the use of Microsoft Entra credentials, commonly used for work and school accounts, on rooted Android or jailbroken iOS hardware. This measure aims to reduce the risk of session hijacking and credential theft on devices where OS-level security controls have been bypassed.

Anthropic releases self-hosted Claude apps gateway for enterprise control
Anthropic has launched the Claude apps gateway, a self-hosted control plane designed to centralize management for Claude Code across major cloud platforms. This tool allows organizations using Amazon Bedrock, Google Cloud, or Microsoft Foundry to move away from individual developer credentials in favor of a unified deployment path. The gateway functions as a single stateless Linux container that integrates directly with existing infrastructure to streamline the onboarding and offboarding of engineering teams.

Russian intelligence hackers use social engineering to steal Signal backup keys
Russian intelligence services are conducting a sophisticated phishing campaign to steal Signal Backup Recovery Keys from high-value targets. The FBI and CISA report that attackers impersonate official support accounts to trick users into enabling cloud backups and sharing their 30-digit recovery codes. This social engineering tactic bypasses end-to-end encryption by allowing hackers to restore a victim's entire message history onto an attacker-controlled device.

Managing Entra ID group changes with Microsoft Graph delta queries
Microsoft Graph delta queries allow applications to identify added, changed, or deleted objects without performing a full read of the entire resource. This mechanism is ideal for synchronizing local data stores with Entra ID but is unsuitable for long-term reporting due to a seven-day token expiration limit. Because these tokens expire quickly, they cannot establish the 30-day baseline required for monthly change tracking.

Linux Foundation launches Agent Name Service to secure AI identities via DNS
The Linux Foundation has introduced the Agent Name Service (ANS), an open standard designed to provide artificial intelligence agents with trusted identities. This framework utilizes the existing Domain Name System (DNS) to verify an agent's organizational affiliation and specific permissions. By anchoring identity to DNS, the service avoids proprietary registries and allows for the verification of an agent's code integrity and activity history.

LastPass data breach exposes customer data
A supply chain attack targeting the market intelligence platform Klue has resulted in the theft of OAuth tokens used by several high-profile organizations. The Icarus extortion group gained access to Klue's infrastructure by exploiting a dormant legacy credential for a prototype integration service. Once inside, the threat actors exfiltrated OAuth tokens that allowed them to query connected third-party environments, specifically targeting Salesforce CRM data.
