Craig Pepper
September 25, 2023

Threat Report 23.09.23

Microsoft AI GitHub Repository Accidentally Reveals 38TB of Confidential Information

Cybersecurity researchers at Wiz Research recently uncovered a major data exposure incident within Microsoft's AI GitHub repository. This alarming security breach was the result of a misconfigured Shared Access Signature (SAS) token, inadvertently granting access to a staggering 38 terabytes of sensitive and confidential data. Among the wealth of exposed information were over 30,000 internal Microsoft Teams messages, along with a trove of confidential data that included workstation backups belonging to two employees. This exposed data contained critical information, including passwords, secret keys, and private messages.

The root cause of this incident lies in the functionality of SAS tokens within Microsoft's Azure platform. These tokens serve as a means of providing access to Azure Storage data with varying levels of permissions, ranging from read-only access to full control over the data. While this granularity of control can be powerful for authorised users, it also introduces significant risks when misconfigured.

In this case, a link that was originally intended to grant access to specific data inadvertently opened the door to the entire storage account. This situation was further compounded by the SAS token being assigned "full control" permissions, essentially handing over the keys. As a result, not only could unauthorised individuals view the stored data, but they also possessed the ability to overwrite and delete files within the storage account.
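The scope and permissions described above are readable in the SAS URL itself, so a link can be checked before it is published. The following is an added example, not code from Wiz or Microsoft: it parses the standard SAS query fields (ss, srt, sr, sp, se) and flags account-wide scope and write or delete rights. It also goes beyond the report by checking token lifetime; the 7-day threshold, the account name and both sample URLs are constructed assumptions.

```python
from datetime import datetime, timezone
from urllib.parse import urlsplit, parse_qs

# "sp" letters that let the holder change or destroy data (anything beyond read/list).
MUTATING = {"w": "write", "d": "delete", "a": "add", "c": "create", "u": "update", "p": "process"}
MAX_LIFETIME_DAYS = 7  # assumed policy threshold, not taken from the report


def audit_sas_url(url, now=None):
    """Return findings for one SAS URL; an empty list means nothing was flagged."""
    now = now or datetime.now(timezone.utc)
    q = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    if "sig" not in q:
        return ["no sig parameter: not a SAS URL"]
    findings = []

    # Account SAS tokens carry ss/srt; service SAS tokens carry sr instead.
    if "ss" in q or "srt" in q:
        findings.append("account-level SAS: scope is the whole storage account")
    elif q.get("sr") == "c":
        findings.append("container-level SAS: every blob in the container is reachable")

    granted = sorted(MUTATING[p] for p in set(q.get("sp", "")) if p in MUTATING)
    if granted:
        findings.append("grants more than read/list: " + ", ".join(granted))

    if "se" in q:
        end = datetime.fromisoformat(q["se"].replace("Z", "+00:00"))
        if end.tzinfo is None:  # date-only expiry values parse as naive
            end = end.replace(tzinfo=timezone.utc)
        days = (end - now).days
        if days > MAX_LIFETIME_DAYS:
            findings.append(f"expires in {days} days (policy: {MAX_LIFETIME_DAYS})")
    else:
        findings.append("no se field: expiry is not visible in the token")
    return findings


# Constructed sample URLs (account name, paths and signatures are placeholders).
NOW = datetime(2023, 9, 25, tzinfo=timezone.utc)
OVERSCOPED = ("https://examplestore.blob.core.windows.net/models"
              "?sv=2021-08-06&ss=b&srt=sco&sp=rwdlac&se=2040-01-01T00:00:00Z&sig=PLACEHOLDER")
SCOPED = ("https://examplestore.blob.core.windows.net/models/model.ckpt"
          "?sv=2021-08-06&sr=b&sp=r&se=2023-09-26T00:00:00Z&sig=PLACEHOLDER")

if __name__ == "__main__":
    for name, url in (("overscoped", OVERSCOPED), ("scoped", SCOPED)):
        print(name, audit_sas_url(url, NOW) or "no findings")
```

Run over the URLs found in a repository or a document before it is shared, the same function separates a read-only, single-blob, short-lived link from one that exposes the account.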

What makes this data exposure particularly concerning is the potential for malicious actors to exploit this vulnerability. With access to the AI models stored in this repository, attackers could potentially inject malicious code into them, leading to users unknowingly deploying compromised models for various applications.

Apple Unveils Security Updates to Counteract Actively Exploited Vulnerabilities

Apple has responded swiftly to a series of security advisories, releasing updates to tackle three zero-day vulnerabilities impacting Safari, iOS, iPadOS, watchOS, and macOS. These vulnerabilities carry severe security implications, including the potential for arbitrary code execution, privilege escalation, and circumvention of signature validation. Notably, there are indications that these vulnerabilities have been actively targeted, underscoring the critical need for prompt action by affected users and organisations.

Apple has recently disclosed and acted upon three zero-day vulnerabilities affecting multiple widely-used operating systems and applications, such as Safari, iOS, iPadOS, watchOS, and macOS. These vulnerabilities pose substantial security risks, including the execution of arbitrary code, the escalation of privileges, and the circumvention of signature validation mechanisms.

Details of Vulnerabilities:

Safari Vulnerability: This vulnerability, discovered in the Safari web browser, exposes users to potential arbitrary code execution or privilege escalation. Visiting compromised websites or interacting with malicious content could inadvertently expose devices to this threat.

iOS and iPadOS: These vulnerabilities identified in iOS and iPadOS, Apple's mobile operating systems, carry the risk of arbitrary code execution or privilege escalation. Notably, Apple has indicated that these vulnerabilities may have already been actively exploited, heightening the urgency for users to update their devices promptly.

watchOS and macOS Vulnerability: Analogous to the vulnerabilities found in iOS and iPadOS, those in watchOS and macOS also introduce the possibility of arbitrary code execution or privilege escalation. It is crucial for organisations and individuals using these systems to take immediate steps to secure their devices.

Apple has responded to these vulnerabilities by releasing security updates and patches for the impacted operating systems and applications. It is imperative that users and organisations expeditiously apply these updates to fortify their systems against potential exploitation.

Of particular concern is Apple's disclosure that these vulnerabilities may have been actively targeted against versions of iOS predating iOS 16.7. This underscores the urgency of updating to the most recent versions to guard against potential threats.

It is advised that you promptly implement security updates and patches and encourage users to upgrade their devices to the latest operating system versions.

Caesars Entertainment Confirms Major Data Breach in SEC Filing: Customer Data at Risk

Caesars Entertainment, the well-known hotel and casino chain, has officially confirmed a significant data breach in a recent cyberattack, substantiating earlier reports in the media. The company disclosed that hackers successfully obtained a copy of its loyalty program database. This database contains sensitive information, including the driver's licence and Social Security numbers of a substantial number of members.

Although Caesars acknowledged that additional data was compromised during the breach, specific details have not been disclosed. The precise number of individuals affected by this incident remains uncertain. Notably, the company's statement suggests that they opted to pay a ransom; reports suggest they paid half of the demanded $30 million to the hackers in an effort to prevent the release of the stolen data.

According to reports, the breach was executed through the use of social engineering tactics targeting an external IT vendor.

Caesars now joins MGM Resorts, another hotel and casino giant that recently faced a significant "cybersecurity issue," in falling victim to cyberattacks.
