All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 2, 2022. I’ve also included some comments on these stories.

Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers

Microsoft on Thursday disclosed that it addressed a pair of issues with the Azure Database for PostgreSQL Flexible Server. If left unaddressed, these issues could result in unauthorized cross-account database access in a region, reports The Hacker News.

SAMANTHA ZEIGLER | Security Researcher at Tripwire

Microsoft disclosed vulnerabilities to their Azure Databases this week that were found in January. They mitigated the vulnerabilities rapidly after disclosure but waited to disclose them to the public until now. This gives them more time to analyze and protect against the vulnerability before publicizing it. The pair of vulnerabilities allowed for databases to be replicated by people with a forged certificate, thus giving access to stored data to attackers.


How to Attack Your Own Company’s Service Desk to Spot Risks

In 2020 cybercriminals launched a spear phishing attack against Twitter that successfully scammed victims out of $180,000 worth of Bitcoin, reports Bleeping Computer. The attacker used a phone-based social engineering scam against Twitter employees in order to gain access to privileged accounts.

DYLAN D’SILVA | Security Researcher at Tripwire

Sometimes the path of least resistance actually works. Almost every company has an IT helpdesk, and cybercriminals are targeting them, seeing them as a potential ingress into a company’s network. When phishing and reconnaissance are done correctly, they allow cybercriminals to build data profiles and information which will help them achieve their eventual goal of data breach/ransomware/malware/data destruction etc.; take your pick.

Once enough personal information has been obtained,