An Azure Active Directory (AAD) misconfiguration by Microsoft in one of its own cloud-hosted applications could have allowed miscreants to subvert the IT giant’s Bing search engine – even changing search results.
User information including Outlook emails, calendars, and Teams messages was also left vulnerable to potential theft and snooping.
Wiz researchers discovered the security blunder, and said the error – which they dubbed BingBang – was due to an authorization…
Source link