Azure

Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack 

Azure, Charlie Bell, China, Data Breaches, Microsoft, Nation-State, Russia, Security Infrastructure, SFI /

Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack  2025-04-21 at 22:47 By Ryan Naraine Microsoft security chief Charlie Bell says the SFI’s 28 objectives are “near completion” and that 11 others have made “significant progress.” The post Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack  appeared first […]

React to this headline:

Loading spinner

Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack  Read More »

What’s Behind Google’s $32 Billion Wiz Acquisition?

Azure, cloud security, Featured, Funding/M&A, Google, Google Cloud, IPO, M&A Tracker, Microsoft, threat-intel, Wiz /

What’s Behind Google’s $32 Billion Wiz Acquisition? 2025-03-19 at 17:09 By Ryan Naraine News analysis: Google positions itself to compete with Microsoft for enterprise security dollars. How does this deal affect startup ecosystem? The post What’s Behind Google’s $32 Billion Wiz Acquisition? appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

What’s Behind Google’s $32 Billion Wiz Acquisition? Read More »

Whispr: Open-source multi-vault secret injection tool

AWS, Azure, Don't miss, GitHub, Hot stuff, News, open source, software /

Whispr: Open-source multi-vault secret injection tool 2024-11-04 at 07:03 By Mirko Zorz Whispr is an open-source CLI tool designed to securely inject secrets from secret vaults, such as AWS Secrets Manager and Azure Key Vault, directly into your application’s environment. This enhances secure local software development by seamlessly managing sensitive information. Whispr key features Safe

React to this headline:

Loading spinner

Whispr: Open-source multi-vault secret injection tool Read More »

The Cloud Latency Map measures latency across 100+ cloud regions

AWS, Azure, Google Cloud, IBM, Industry news, Kentik, Oracle /

The Cloud Latency Map measures latency across 100+ cloud regions 2024-10-29 at 16:03 By Industry News Kentik launched The Cloud Latency Map, a free public tool allowing anyone to explore the latencies measured between over 100 cloud regions worldwide. Users can identify recent changes in latencies globally between various public clouds and data center regions

React to this headline:

Loading spinner

The Cloud Latency Map measures latency across 100+ cloud regions Read More »

Azure Kubernetes Services Vulnerability Exposed Sensitive Information

Azure, Cloud, cloud security, Kubernetes /

Azure Kubernetes Services Vulnerability Exposed Sensitive Information 2024-08-21 at 14:46 By Ionut Arghire A vulnerability in Azure Kubernetes Services could have allowed attackers to escalate privileges and access sensitive information on the clusters. The post Azure Kubernetes Services Vulnerability Exposed Sensitive Information appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Azure Kubernetes Services Vulnerability Exposed Sensitive Information Read More »

Microsoft Announces Mandatory MFA for Azure

Azure, cloud security, identity, Identity & Access, MFA /

Microsoft Announces Mandatory MFA for Azure 2024-08-19 at 16:46 By Ionut Arghire Microsoft is implementing automatic enforcement of multi-factor authentication (MFA) for all Azure users starting October. The post Microsoft Announces Mandatory MFA for Azure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Microsoft Announces Mandatory MFA for Azure Read More »

Azure Health Bot Service Vulnerabilities Possibly Exposed Sensitive Data

Azure, cloud security, healthcare /

Azure Health Bot Service Vulnerabilities Possibly Exposed Sensitive Data 2024-08-14 at 18:16 By Eduard Kovacs Azure Health Bot Service vulnerabilities found by Tenable could have been exploited for lateral movement and may have allowed customer data exposure.  The post Azure Health Bot Service Vulnerabilities Possibly Exposed Sensitive Data appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Azure Health Bot Service Vulnerabilities Possibly Exposed Sensitive Data Read More »

Scout Suite: Open-source cloud security auditing tool

Alibaba Cloud, auditing, AWS, Azure, cloud security, Don't miss, GitHub, Google Cloud, Hot stuff, NCC Group, News, open source, software /

Scout Suite: Open-source cloud security auditing tool 2024-08-12 at 07:31 By Help Net Security Scout Suite is an open-source, multi-cloud security auditing tool designed to assess the security posture of cloud environments. By leveraging the APIs provided by cloud vendors, Scout Suite collects and organizes configuration data, making it easier to identify potential risks. Instead

React to this headline:

Loading spinner

Scout Suite: Open-source cloud security auditing tool Read More »

Microsoft Says Azure Outage Caused by DDoS Attack Response

Azure, cloud security, DDoS, Featured, Microsoft, outage /

Microsoft Says Azure Outage Caused by DDoS Attack Response 2024-07-31 at 16:06 By Eduard Kovacs Microsoft’s response to a DDoS attack on Azure amplified the impact of the attack instead of mitigating it, causing outages. The post Microsoft Says Azure Outage Caused by DDoS Attack Response appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Says Azure Outage Caused by DDoS Attack Response Read More »

Coca‑Cola pours $1.1B into generative AI experiment with Microsoft

Azure, Cloud Services, Microsoft /

Coca‑Cola pours $1.1B into generative AI experiment with Microsoft 2024-04-24 at 14:01 By Cointelegraph by Arijit Sarkar Microsoft intends to use services like Azure OpenAI Service and Copilot for Microsoft 365 to help drive AI innovation for the Coca‑Cola Company and its network of independent bottlers worldwide. This article is an excerpt from Cointelegraph.com News

React to this headline:

Loading spinner

Coca‑Cola pours $1.1B into generative AI experiment with Microsoft Read More »

CloudGrappler: Open-source tool detects activity in cloud environments

AWS, Azure, Cado Security, cloud security, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, Permiso, software /

CloudGrappler: Open-source tool detects activity in cloud environments 2024-03-11 at 09:07 By Mirko Zorz CloudGrappler is an open-source tool designed to assist security teams in identifying threat actors within their AWS and Azure environments. The tool, built on the foundation of Cado Security’s cloudgrep project, offers enhanced detection capabilities based on the tactics, techniques, and

React to this headline:

Loading spinner

CloudGrappler: Open-source tool detects activity in cloud environments Read More »

Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel

Azure, Cloud, cloud security /

Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel 2024-02-12 at 18:31 By Kevin Townsend An active cloud account takeover campaign has impacted dozens of Azure environments and compromised hundreds of user accounts. The post Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel Read More »

Microsoft Patches Sensitive Information Disclosure Vulnerability in Azure CLI

Azure, Vulnerabilities /

Microsoft Patches Sensitive Information Disclosure Vulnerability in Azure CLI 15/11/2023 at 18:02 By Ionut Arghire Microsoft provided guidance on an Azure CLI bug leading to the exposure of sensitive information through GitHub Actions logs. The post Microsoft Patches Sensitive Information Disclosure Vulnerability in Azure CLI appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Microsoft Patches Sensitive Information Disclosure Vulnerability in Azure CLI Read More »

18 free Microsoft Azure cybersecurity resources you should check out

Azure, cloud security, Don't miss, Hot stuff, how-to, Microsoft, Microsoft Azure, News, skill development, strategy, tips, training /

18 free Microsoft Azure cybersecurity resources you should check out 20/09/2023 at 07:33 By Help Net Security Far exceeding a traditional public cloud platform, Azure is a comprehensive suite of over 200 products and cloud services engineered to solve current challenges and pave the way for the future. Whether you’re looking to build, run, or

React to this headline:

Loading spinner

18 free Microsoft Azure cybersecurity resources you should check out Read More »

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery

Azure, cloud security, Vulnerabilities, XSS /

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery 14/09/2023 at 16:18 By Ionut Arghire Orca Security details eight XSS vulnerabilities in Azure HDInsight that could lead to information leaks, session hijacking, and payload delivery. The post Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery Read More »

Microsoft Criticized Over Handling of Critical Power Platform Vulnerability

Azure, Management & Strategy, Microsoft /

Microsoft Criticized Over Handling of Critical Power Platform Vulnerability 04/08/2023 at 17:03 By Eduard Kovacs A critical Microsoft Power Platform vulnerability exposed authentication data and other secrets, but the tech giant has been accused of handling it poorly. The post Microsoft Criticized Over Handling of Critical Power Platform Vulnerability appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Microsoft Criticized Over Handling of Critical Power Platform Vulnerability Read More »

Open-source penetration testing tool BloodHound CE released

Active Directory, Azure, cybersecurity, Don't miss, GitHub, Microsoft Azure, Microsoft Entra ID, News, open source, penetration testing, software, SpecterOps /

Open-source penetration testing tool BloodHound CE released 02/08/2023 at 06:32 By Mirko Zorz SpecterOps released version 5.0 of BloodHound Community Edition (CE), a free and open-source penetration testing solution that maps attack paths in Microsoft Active Directory (AD) and Azure (including Azure AD/Entra ID) environments. It is available for free on GitHub. Identifying simple Attack

React to this headline:

Loading spinner

Open-source penetration testing tool BloodHound CE released Read More »

Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails

Azure, cloud security, email authentication, email security, Featured, Government, Microsoft, MSA key /

Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails 21/07/2023 at 20:19 By Ryan Naraine Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online. The post Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails Read More »

Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps

Azure, cloud security, Microsoft, noAuth, OAuth, Vulnerabilities /

Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps 20/06/2023 at 23:24 By Ryan Naraine Businesses using ‘Log in with Microsoft’ could be exposed to privilege escalation and full account takeover exploits. The post Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps Read More »

Microsoft confirms DDoS attacks against M365, Azure Portal

Azure, DDoS, Don't miss, Hot stuff, Microsoft, Microsoft 365, News, OneDrive, Outlook /

Microsoft confirms DDoS attacks against M365, Azure Portal 19/06/2023 at 14:02 By Helga Labus The Microsoft 365 and Azure Portal outages users expirienced this month were caused by Layer 7 DDoS attacks, Microsoft has confirmed on Friday. The DDoS attacks against Microsoft 365 and Azure Portal Throughout the first half June 2023 Microsoft confirmed, at

React to this headline:

Loading spinner

Microsoft confirms DDoS attacks against M365, Azure Portal Read More »

Scroll to Top