this post was submitted on 22 Apr 2025
5 points (85.7% liked)

Pulse of Truth

1486 readers
70 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago
MODERATORS
krogoth
5
'Cookie Bite' Entra ID Attack Exposes Microsoft 365 (www.darkreading.com)
submitted 3 months ago by lemmydev2 to c/pulse_of_truth
3 comments fedilink hide all child comments
 

A proof-of-concept (PoC) attack vector exploits two Azure authentication tokens from within a browser, giving threat actors persistent access to key cloud services, including Microsoft 365 applications.

you are viewing a single comment's thread
view the rest of the comments
[–] wizardbeard@lemmy.dbzer0.com 1 points 3 months ago* (last edited 3 months ago)

Not at all, you're absolutely right. In the Varonis article this clickbaity one references, they list out the corresponding session cookies for Google's cloud platform and AWS as well.