A new EmojiDeploy attack has been found in an Azure service

Threat Level – Red | Vulnerability Report
Download PDF

The EmojiDeploy attack chain allows a threat actor to run arbitrary code, steal or delete sensitive data, and compromise a targeted application on Azure by exploiting a remote code execution vulnerability through cross-site request forgery (CSRF) on the SCM service Kudu. The attack uses a misconfigured cookie setting for the Source Code Manager (SCM) service on Azure, which sets two controls to default “Lax.”

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox