Jump to content

Welcome to Fundayforum. Please register your ID or get login for more access and fun.

Signup  Or  Login

house fdf.png


Captain Marvel Movie 2019

IMDb - 6.3/10 Rotten Tomatoes Description: Captain Marvel gets caught in the middle of a galactic war between two alien races. Initial release: March 8, 2019 (USA) Directors: Anna Boden, Ryan Fleck Budget: 152 million USD Music composed by: Pinar Toprak Screenplay: Anna Boden, Ryan Fleck, Nicole Perlman, Geneva Robertson-Dworet, Meg LeFauve, Liz Flahive, Carly Mensch
Watch and Download

Alita - Battle Angel 2019

IMDb: 7.6/10 Genre : Action, Science Fiction, Thriller, Romance Director : Robert Rodriguez Stars : Rosa Salazar, Christoph Waltz, Ed Skrein, Mahershala Ali, Jennifer Connelly LANGUAGE: Hindi (Cleaned) – English Quality: 720p HD-Camrip PLOT: Six strangers find themselves in a maze of deadly mystery rooms, and must use their wits to survive.
Watch and Download
  • entries
  • comments
  • views

A Kerala-Based Engineer Uncovered A Bug That Could Expose More Than 40 Crore Microsoft Accounts

Sign in to follow this  


Given the spike in cybercrime where the end users are the most affected, most technology giants are always focused on keeping their platform or product secure to avoid any untoward cases.

Our internet footprint is extremely large and with everything getting online, we entrust a huge part of ourselves online.

To keep their products clean, tech giants have encouraged bug bounties and welcomed white hat hackers in the last decade. 

This rewarding stance of companies has created a new line of hackers, who intend to discover cracks in the system and then inform the admin so that a patch can be applied. This way, the hackers aren't legally penalised for the unauthorised entry, but rewarded for being ethical.

An Indian Engineer Just Helped Microsoft In A Big Way© LinkedIn / Sahad NK

Sahad NK, who works as a security researcher with cybersecurity portal Safetydetective.com, came across multiple vulnerabilities that left over 400 million Microsoft users' accounts, from Office 365 to Outlook emails, open to intrusion.

When these vulnerabilities are chained together, an attacker can take over any Microsoft Outlook, Microsoft Store, or Microsoft Sway account simply via the victim clicking on a link. 

An Indian Engineer Just Helped Microsoft In A Big Way© Reuters

"Immediately after finding these vulnerabilities, we contacted Microsoft via their responsible disclosure programme and started working with them," said Safetydetective on Tuesday. Microsoft was informed about the susceptibility in June and then a patch was in place by November.

"While the vulnerability proof of concept was only made for Microsoft Outlook and Microsoft Sway, we expect it to affect all Microsoft accounts including Microsoft Store," said Sahad.

An Indian Engineer Just Helped Microsoft In A Big Way© Safetydetective

A Microsoft operated subdomain "success.office.com" wasn't configured properly and the same bug was also found in Microsoft Office, Store and Sway products.

Since the subdomain belongs to Office.com, a majority of the safety tools like anti-virus and malicious link detectors failed to flag it as unsafe. Even when clicking the link, the user was transiting through an official Microsoft domain.

An Indian Engineer Just Helped Microsoft In A Big Way© Reuters

Sahad, along with a fellow researcher Paulos Yibelo, reported the bug to Microsoft who, after fixing the bug, awarded them with an unspecified amount as bug bounty.

"Anyone's Office account, even enterprise and corporate accounts, including their email, documents and other files, could have been easily accessed by a malicious attacker, and it would have been near-impossible to discern from a legitimate user," TechCrunch said.

Source: TechCrunch

MeToo And The Sum Of Its Parts

Sign in to follow this  


Recommended Comments

There are no comments to display.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now