An Interest In:
Web News this Week
- April 18, 2024
- April 17, 2024
- April 16, 2024
- April 15, 2024
- April 14, 2024
- April 13, 2024
- April 12, 2024
December 11, 2018 03:38 pm GMT
Original Link: http://feeds.mashable.com/~r/mashable/tech/~3/2XSdSFeXk4I/
A bug left your Microsoft account wide open to complete takeover
Bug bounty hunter Sahad Nk recently uncovered a series of vulnerabilities that left Microsoft users’ accounts — from your Office documents to your Outlook emails — susceptible to hacking.
While working as a security researcher with cybersecurity site SafetyDetective, Nk discovered that he was able to take over the Microsoft subdomain, http://success.office.com, because it wasn’t properly configured. This allowed the bug hunter to set up an Azure web app that pointed to the domain’s CNAME record, which maps domain aliases and subdomains to the main domain. By doing this, Nk not only takes control of the subdomain, but also receives any and all data sent to it. Read more...
More about Microsoft, Hacking, Office, Bugs, and VulnerabilityOriginal Link: http://feeds.mashable.com/~r/mashable/tech/~3/2XSdSFeXk4I/
Share this article:
Tweet
View Full Article
Mashable
Mashable is the top source for news in social and digital media, technology and web culture.More About this Source Visit Mashable