Episode #2022-06

Posted on
LAPSUS azure bitb dirty-pipe spectrre

Dirty Pipe is a Linux kernel vulnerability that alllows overwriting data in read-only files. 1

Orca Security discussed the AutoWrap vulnerability in Azure Automation service which allowed unauthenticated access to the authorization tokens for many customers. 2

VUSec discovered Branch History Injection, a cross-privilege Spectre-v2 attack that could leak kernel memory on modern Intel CPUs. 3

Browser-in-the-browser is a sophisicated phishing technique uncovered by @mrd0x that they create fake pop-up window with a fake address bar that most people would fall for. 4

Okta concluded their investigation. Microsoft also shared their findings on DEV-0537 (LAPSUS$). 5

1. The Dirty Pipe Vulnerability (dirtypipe.cm4all.com)

See also:

2. AutoWarp Microsoft Azure Automation Vulnerability - Orca Security (orca.security)

See also:

3. Branch History Injection - VUSec (www.vusec.net)

See also:

4. Browser In The Browser (BITB) Attack | mr.d0x (mrd0x.com)

See also:

5. Okta Concludes its Investigation Into the January 2022 Compromise | Okta (www.okta.com)

See also: