Pulse of Truth

2395 readers

139 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago

MODERATORS

krogoth@infosec.pub

Microsoft rejects critical Azure vulnerability report, no CVE issued (www.bleepingcomputer.com)

submitted 18 hours ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub

2 comments fedilink hide all child comments

A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report, and without issuing a CVE. Microsoft disputes the claim, telling BleepingComputer the behavior was expected and that "no product changes were made," despite the researcher documenting a silent fix. [...]

top 2 comments

sorted by: hot top controversial new old

[–] sleepmode@lemmy.world 13 points 17 hours ago (1 children)

maybe we should just go back to posting the exploits publicly with zero warning. fuck em.

[–] SpaceNoodle@lemmy.world 2 points 17 hours ago

While that would hurt end users more than the customers themselves, it might eventually teach those upstream a valuable lesson.