
Microsoft Patches Azure AD Token‑Issuance Flaws Exploited by Ransomware

Microsoft disclosed two high‑severity vulnerabilities in Azure Active Directory that allowed attackers to issue authentication tokens without proper authorization. Proof‑of‑concept exploit code leaked onto underground forums, and ransomware operators swiftly adopted the bugs to create persistent, low‑profile access to victim networks.

The flaws enabled credential theft, token replay, and lateral movement, dramatically increasing the speed at which ransomware can encrypt critical assets. Defenders must apply the emergency patches immediately, enforce MFA and conditional access, audit token issuance logs for anomalies, and rotate any compromised secrets to stop the emerging credential‑theft chain.

Categories: Vulnerabilities & Exploits, Identity & Access Management, Malware & Ransomware
