Podcast Detail

ANS Stormcast Monday, April 21st: MSFT Entra Lockouts; Erlang/OTP SSH Exploit; Sonicwall Exploit; bubble.io bug

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9416.mp3

previous
Podcast Logo
MSFT Entra Lockouts; Erlang/OTP SSH Exploit; Sonicwall Exploit; bubble.io bug
00:00

Microsoft Entra User Lockout
Multiple organizations reported widespread alerts and account lockouts this weekend from Microsoft Entra. The issue is caused by a new feature Microsoft enabled. This feature will lock accounts if Microsoft believes that the password for the account was compromised.
https://www.bleepingcomputer.com/news/microsoft/widespread-microsoft-entra-lockouts-tied-to-new-security-feature-rollout/
https://learn.microsoft.com/en-us/entra/identity/authentication/feature-availability

Erlang/OTP SSH Exploit
An exploit was published for the Erlang/OTP SSH vulnerability. The vulnerability is easy to exploit, and the exploit and a Metasploit module allow for easy remote code execution.
https://github.com/exa-offsec/ssh_erlangotp_rce/blob/main/ssh_erlangotp_rce.rb

Sonicwall Exploited
An older command injection vulnerability is now exploited on Sonicwall devices after initially gaining access by brute-forcing credentials.
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0022

Unpatched Vulnerability in Bubble.io
An unpatched vulnerability in the no-code platform bubble.io can be used to access any project hosted on the site.
https://github.com/demon-i386/pop_n_bubble

no transcript found