{"id":2156,"date":"2021-03-17T10:57:25","date_gmt":"2021-03-17T09:57:25","guid":{"rendered":"https:\/\/www.apvnorge.no\/?p=2156"},"modified":"2021-03-17T10:59:41","modified_gmt":"2021-03-17T09:59:41","slug":"researcher-adds-his-fake-package-to-microsoft-azure-sdk-releases-list","status":"publish","type":"post","link":"https:\/\/www.apvnorge.no\/no\/researcher-adds-his-fake-package-to-microsoft-azure-sdk-releases-list\/","title":{"rendered":"Researcher adds his fake package to Microsoft Azure SDK releases list"},"content":{"rendered":"<div id=\"apvno-4122488036\" class=\"apvno-before-content apvno-entity-placement\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7003427967427457\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:inline-block;width:970px;height:250px;\" \ndata-ad-client=\"ca-pub-7003427967427457\" \ndata-ad-slot=\"6272152047\"><\/ins> \n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p class=\"has-text-align-justify has-black-color has-cyan-bluish-gray-background-color has-text-color has-background\">A security researcher was able to add a\u00a0counterfeit test package to the official list of Microsoft Azure SDK latest releases. The simple trick if abused by an attacker can give off the impression that their malicious package is part of the Azure SDK suite. <strong>New package added to Azure SDK releases page<\/strong> This month security researcher Alex Birsan\u00a0<a rel=\"noreferrer noopener\" href=\"https:\/\/twitter.com\/alxbrsn\/status\/1371788009801183233\" target=\"_blank\">demonstrated<\/a>\u00a0how anyone could add their own package to the list of official Azure SDK Latest Releases. As of a few days ago, the Azure SDK releases\u00a0<a rel=\"noreferrer noopener\" href=\"http:\/\/web.archive.org\/web\/20210310091257\/https:\/\/azure.github.io\/azure-sdk\/releases\/latest\/all\/js.html\" target=\"_blank\">page\u00a0showed<\/a>\u00a0the authentic Microsoft Azure SDK releases alongside the mysterious package\u00a0<em>alexbirsantest.<\/em> <\/p>\n\n\n\n<p><\/p>\n\n\n\n<p class=\"has-black-color has-pale-cyan-blue-background-color has-text-color has-background\"><strong><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/researcher-adds-his-fake-package-to-microsoft-azure-sdk-releases-list\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.bleepingcomputer.com\/news\/security\/researcher-adds-his-fake-package-to-microsoft-azure-sdk-releases-list\/<\/a><\/strong><\/p>\n<div id=\"apvno-643018436\" class=\"apvno-after apvno-entity-placement\"><script>\r\n_adsys_id = 33949;\r\n_adsys_size = 1;\r\n<\/script>\r\n<script src=\"https:\/\/d.wedosas.net\/d.js\"><\/script>    \r\n<\/br>\r\n<div>\r\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script>\r\n<!-- AD-4 -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:inline-block;width:970px;height:250px\"\r\n     data-ad-client=\"ca-pub-7003427967427457\"\r\n     data-ad-slot=\"6272152047\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><\/div>\r\n<a href=\"https:\/\/affiliates.ssl.com\/820-3-1-13.html\" target=\"_blank\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" style=\"border:0px\" src=\"https:\/\/i0.wp.com\/affiliates.ssl.com\/media\/banners\/SSL-banner-UC-certificate-2-v5.png?resize=640%2C79&#038;ssl=1\" width=\"640\" height=\"79\" alt=\"Microsoft Exchange SAN UCC SSL\"><\/a><\/div>","protected":false},"excerpt":{"rendered":"<p>A security researcher was able to add a\u00a0counterfeit test package to the official list of Microsoft Azure SDK latest releases. The simple trick if abused by an attacker can give off the impression that their malicious package is part of the Azure SDK suite. New package added to Azure SDK releases page This month security [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":2124,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[44,7],"tags":[],"class_list":["post-2156","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hackers","category-ms-windows"],"translation":{"provider":"WPGlobus","version":"3.0.2","language":"no","enabled_languages":["en","no","cz"],"languages":{"en":{"title":true,"content":true,"excerpt":false},"no":{"title":false,"content":false,"excerpt":false},"cz":{"title":true,"content":true,"excerpt":false}}},"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.apvnorge.no\/wp-content\/uploads\/2021\/02\/images.jpg?fit=275%2C183&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9T0bk-yM","jetpack-related-posts":[],"jetpack_likes_enabled":true,"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.apvnorge.no\/no\/wp-json\/wp\/v2\/posts\/2156","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.apvnorge.no\/no\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.apvnorge.no\/no\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.apvnorge.no\/no\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.apvnorge.no\/no\/wp-json\/wp\/v2\/comments?post=2156"}],"version-history":[{"count":2,"href":"https:\/\/www.apvnorge.no\/no\/wp-json\/wp\/v2\/posts\/2156\/revisions"}],"predecessor-version":[{"id":2159,"href":"https:\/\/www.apvnorge.no\/no\/wp-json\/wp\/v2\/posts\/2156\/revisions\/2159"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.apvnorge.no\/no\/wp-json\/wp\/v2\/media\/2124"}],"wp:attachment":[{"href":"https:\/\/www.apvnorge.no\/no\/wp-json\/wp\/v2\/media?parent=2156"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.apvnorge.no\/no\/wp-json\/wp\/v2\/categories?post=2156"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.apvnorge.no\/no\/wp-json\/wp\/v2\/tags?post=2156"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}