You can trust VideoGamer. Our team of gaming experts spend hours testing and reviewing the latest games, to ensure you're reading the most comprehensive guide possible. Rest assured, all imagery and advice is unique and original. Check out how we test and review games here
A cloud-security research has recently hacked into Bing, and has apparently ‘altered search results for millions’ while also ‘taking over millions of Office365 accounts.’
Hillai Ben-Sasson, who is responsible for exposing this vulnerability, has named this the #BingBang. After sharing an example of what exactly the hack entails, he also showed exactly how it was completed.
He shared an example of how he was able to change the search result for ‘best soundtracks’ on the Bing search engine, through an exploit that is centred around Azure, Microsoft’s own cloud computing service.
After finding a “strange configuration in Azure” Mr. Ben-Sasson wrote “I found a Microsoft app configured like this, and … just logged in.” This sounds far too easy, though he had a Wiz research team supporting him too.
After using the exploit to get admin rights for the Bing Trivia webpage, the hacker found out that he also had total control of the search engine results page.
The exploit has since been patched by Microsoft, though not before Ben-Sasson changed the best soundtrack from Denis Villenueve’s Dune to Hackers, a cult classic film from the 90s that, expectedly, is about hackers.
After revealing this huge vulnerability to Microsoft, Ben-Sasson and his research team were awarded with a $40,000 bounty which they have pledged to donate.
You can read a full report on the technical details of this exploit on the Wiz team’s webpage. Following on from the recent Linus Tech Tips hack, and the uptick in AI dependency, it’s becoming increasingly important that we focus on cybersecurity.
About the Author
