It's a bit hard to imagine this specific problem existing outside of the Microso... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		azalemeth on Jan 17, 2024 \| parent \| context \| favorite \| on: Hacking into an insurance company by exploiting th... It's a bit hard to imagine this specific problem existing outside of the Microsoft ecosystem. I can very well imagine that there are loads of corporate resources provided through a valid O365 account that are useful for targeted hacks -- heck, the metadata in the corporate directory alone is going to be useful to a ne'er-do-well. I really can't believe they haven't changed the password. I wonder what part of their workflow that breaks?

SAI_Peregrinus on Jan 17, 2024 [–]

> I really can't believe they haven't changed the password. I wonder what part of their workflow that breaks?

Probably their single sign-on. They probably only have the one company password, shared. That's the single sign-on!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact