Dirty Pipe is a Linux kernel vulnerability that alllows overwriting data in read-only files. 1
Orca Security discussed the AutoWrap vulnerability in Azure Automation service which allowed unauthenticated access to the authorization tokens for many customers. 2
VUSec discovered Branch History Injection, a cross-privilege Spectre-v2 attack that could leak kernel memory on modern Intel CPUs. 3
Browser-in-the-browser is a sophisicated phishing technique uncovered by @mrd0x that they create fake pop-up window with a fake address bar that most people would fall for. 4
Okta concluded their investigation. Microsoft also shared their findings on DEV-0537 (LAPSUS$). 5
Footnotes
1. The Dirty Pipe Vulnerability (dirtypipe.cm4all.com)
See also:
2. AutoWarp Microsoft Azure Automation Vulnerability - Orca Security (orca.security)
See also:
3. Branch History Injection - VUSec (www.vusec.net)
See also:
- Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks (download.vusec.net)
- vusec/bhi-spectre-bhb: This repository contains exploit and reverse-engineering source code regarding the Spectre-BHB/Branch History Injection vulnerability (github.com/vusec)
- Chips & Salsa Episode 12: March 2022 Security Advisories (community.intel.com)
- Branch History Injection and Intra-mode Branch Target Injection (www.intel.com)
- INTEL-SA-00598 (www.intel.com)
- Speculative Processor Vulnerability | Spectre-BHB – Arm Developer (developer.arm.com)
4. Browser In The Browser (BITB) Attack | mr.d0x (mrd0x.com)
See also:
5. Okta Concludes its Investigation Into the January 2022 Compromise | Okta (www.okta.com)
See also:
- Okta Official Statement on LAPSUS$ Claims | Okta (www.okta.com)
- Updated Okta Statement on LAPSUS$ | Okta (www.okta.com)
- Okta’s Investigation of the January 2022 Compromise | Okta (www.okta.com)
- DEV-0537 criminal actor targeting organizations for data exfiltration and destruction - Microsoft Security Blog (www.microsoft.com)