Beware of the GIF: Account Takeover Vulnerability in Microsoft Teams

Beware of the GIF: Account Takeover Vulnerability in Microsoft Teams

Executive Summary As more and more business is conducted from remote locations, attackers are focusing their efforts on exploiting the key technologies – like Zoom and Microsoft Teams – that companies and their employees depend ... Read More
Wild Temporary Tokens and Where to Find Them – AWS Edition

Wild Temporary Tokens and Where to Find Them – AWS Edition

|
AWS is one of the most successful cloud solutions available today. As a pioneer in the infrastructure-as-a-service (IaaS) scene, AWS has more than a million customers. Part of that success is because of the rich ... Read More
I Know What Azure Did Last Summer

I Know What Azure Did Last Summer

|
More and more companies are deciding to move their infrastructures into cloud environments offered by Microsoft Azure, Google Cloud Computing, Amazon AWS and many more. In our modern and rapidly changing times, companies big and ... Read More
BlackDirect: Microsoft Azure Account Takeover

BlackDirect: Microsoft Azure Account Takeover

|
Over the last few weeks, my team and I have been working on research associated with Microsoft Azure and Microsoft OAuth 2.0. Over the course of that time, we found a vulnerability that allows for ... Read More