June 3, 2024 at 02:59PM Tenable researchers discovered a high-severity vulnerability in Azure Service Tags, potentially allowing access to customers’ private data. Attackers could exploit the vulnerability to impersonate trusted Azure services, bypass firewall rules, and access internal APIs. Microsoft contends Service Tags are not a security boundary and advises additional authentication and authorization layers … Read more
May 21, 2024 at 01:54PM Infosec researchers have flagged a critical vulnerability (CVE-2024-4323) in Fluent Bit, a widely used logging component. Tenable discovered the flaw, potentially leading to denial of service, information leakage, and remote code execution. The issue affects versions 2.0.7 through 3.0.3 and may compromise the security of major cloud providers and blue … Read more
May 20, 2024 at 04:04PM A severe memory corruption vulnerability named “Linguistic Lumberjack” is found in the popular cloud logging tool Fluent Bit, impacting numerous major cloud service providers and organizations. The bug, tracked under CVE-2024-4323, enables denial of service, data leakage, and remote code execution. Maintainers have released a fix, urging prompt updates or … Read more