At a glance.
- Vulnerability discovered (and patched) in Azure.
- The Director of Germany's BSI is out.
- Killnet explains its actions against Bulgaria's government.
- The National Republican Army claims successful attacks on Russian companies.
- A look at the state of ransomware. CISA releases two ICS Advisories.
Vulnerability discovered (and patched) in Azure.
Orca released a report today detailing a vulnerability they discovered in Azure Service Fabric Explorer (SFX). The vulnerability has been reported to Microsoft, and the issue was designated CVE-2022-35829. A patch was released on Patch Tuesday earlier this month. The vulnerability, "FabriXss" (it’s pronounced “fabrics”), was found in Azure Service Fabric Explorer. Microsoft Azure Service Fabric is described as a “distributed systems platform for packaging, deploying, and managing stateless and stateful distributed applications and containers on a large scale,” and Service Fabric Explorer is “a tool for inspecting and managing Azure Service Fabric clusters.” For more on the vulnerability, see CyberWire Pro.