this post was submitted on 22 Jul 2023
5 points (100.0% liked)

Sysadmin

7679 readers
44 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
!lemmy@lemmy.ml
!lemmyworld@lemmy.world
!lemmy_support@lemmy.ml
!support@lemmy.world

founded 1 year ago
MODERATORS
DarraignTheSane@lemmy.world
00Lemming@lemmy.world
L3s@lemmy.world
5
Compromised Microsoft Key: More Impactful Than We Thought (www.wiz.io)
submitted 1 year ago by REdOG@lemmy.world to c/sysadmin@lemmy.world
0 comments fedilink hide all child comments
 

According to Microsoft, the compromised key was inactive and therefore any access token signed by this key must be considered suspicious.

Unfortunately, there is a lack of standardized practices when it comes to application-specific logging. Therefore, in most cases, application owners do not have detailed logs containing the raw access token or its signing key. As a result, identifying and investigating such events can prove exceedingly challenging for app owners.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here