Microsoft Entra User Lockout

Multiple organizations reported widespread alerts and account lockouts this weekend from Microsoft Entra. The issue is caused by a new feature Microsoft enabled. This feature will lock accounts if Microsoft believes that the password for the account was compromised.

https://www.bleepingcomputer.com/news/microsoft/widespread-microsoft-entra-lockouts-tied-to-new-security-feature-rollout/

https://learn.microsoft.com/en-us/entra/identity/authentication/feature-availability

Erlang/OTP SSH Exploit

An exploit was published for the Erlang/OTP SSH vulnerability. The vulnerability is easy to exploit, and the exploit and a Metasploit module allow for easy remote code execution.

https://github.com/exa-offsec/ssh_erlangotp_rce/blob/main/ssh_erlangotp_rce.rb

Sonicwall Exploited

An older command injection vulnerability is now exploited on Sonicwall devices after initially gaining access by brute-forcing credentials.

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0022

Unpatched Vulnerability in Bubble.io

An unpatched vulnerability in the no-code platform bubble.io can be used to access any project hosted on the site.

https://github.com/demon-i386/pop_n_bubble