BingBang: AAD misconfiguration led to Bing.com results manipulation and account takeover | Wiz Blog
Tags
| attack-pattern: | Data Control Panel - T1218.002 Sharepoint - T1213.002 Tool - T1588.002 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | 1fed67c3-9e6a-4f10-b6ae-60392a3992fa |
| Fingerprint | a9581a9846f32f56 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | March 29, 2023, 12:18 p.m. |
| Added to db | Aug. 31, 2024, 10:31 a.m. |
| Last updated | Nov. 17, 2024, 10:40 p.m. |
| Headline | BingBang: AAD misconfiguration led to Bing.com results manipulation and account takeover |
| Title | BingBang: AAD misconfiguration led to Bing.com results manipulation and account takeover | Wiz Blog |
| Detected Hints/Tags/Attributes | 55/1/8 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 94 | bing.com |
|
| Details | Domain | 3 | bingtrivia.azurewebsites.net |
|
| Details | Domain | 2 | business.bing.com |
|
| Details | Domain | 2 | powerautomate.microsoft.com |
|
| Details | Domain | 369 | microsoft.com |
|
| Details | Domain | 41 | wiz.io |
|
| Details | 24 | research@wiz.io |
||
| Details | File | 2 | business.bin |