June 7, 2023

[Information Security Daily]On January 18, 2023, researchers revealed an attack method that abused GitHub Codespaces, and Microsoft patched 4 SSRF vulnerabilities in Azure services

Emerging Cloud Development Tools Could Be Used by Hackers to Spread Malware! Recently, information security provider Trend Micro disclosed the attack method of abusing the cloud IDE service GitHub Codespaces, and said that attackers can also build more malicious websites through pre-set containers with relevant configurations. The researchers explained the details of the Azure server-side request forgery (SSRF) vulnerability patched by Microsoft in the fourth quarter of last year, and pointed out that some vulnerabilities can be exploited without authentication, and even attackers can carry out related attacks without an Azure account. Oracle released the first quarterly routine patch of this year on January 17, which released updates for a number of products, among which nearly 40 vulnerabilities were patched for the database system MySQL, which is quite noteworthy.

Ewen Eagle

I am the founder of Urbantechstory, a Technology based blog. where you find all kinds of trending technology, gaming news, and much more.

View all posts by Ewen Eagle →

Leave a Reply

Your email address will not be published.