Azure

Azure Kubernetes Services Vulnerability Exposed Sensitive Information

Azure, Cloud, cloud security, Kubernetes /

Azure Kubernetes Services Vulnerability Exposed Sensitive Information 2024-08-21 at 14:46 By Ionut Arghire A vulnerability in Azure Kubernetes Services could have allowed attackers to escalate privileges and access sensitive information on the clusters. The post Azure Kubernetes Services Vulnerability Exposed Sensitive Information appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed […]

React to this headline:

Loading spinner

Azure Kubernetes Services Vulnerability Exposed Sensitive Information Read More »

Microsoft Announces Mandatory MFA for Azure

Azure, cloud security, identity, Identity & Access, MFA /

Microsoft Announces Mandatory MFA for Azure 2024-08-19 at 16:46 By Ionut Arghire Microsoft is implementing automatic enforcement of multi-factor authentication (MFA) for all Azure users starting October. The post Microsoft Announces Mandatory MFA for Azure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Microsoft Announces Mandatory MFA for Azure Read More »

Azure Health Bot Service Vulnerabilities Possibly Exposed Sensitive Data

Azure, cloud security, healthcare /

Azure Health Bot Service Vulnerabilities Possibly Exposed Sensitive Data 2024-08-14 at 18:16 By Eduard Kovacs Azure Health Bot Service vulnerabilities found by Tenable could have been exploited for lateral movement and may have allowed customer data exposure.  The post Azure Health Bot Service Vulnerabilities Possibly Exposed Sensitive Data appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Azure Health Bot Service Vulnerabilities Possibly Exposed Sensitive Data Read More »

Scout Suite: Open-source cloud security auditing tool

Alibaba Cloud, auditing, AWS, Azure, cloud security, Don't miss, GitHub, Google Cloud, Hot stuff, NCC Group, News, open source, software /

Scout Suite: Open-source cloud security auditing tool 2024-08-12 at 07:31 By Help Net Security Scout Suite is an open-source, multi-cloud security auditing tool designed to assess the security posture of cloud environments. By leveraging the APIs provided by cloud vendors, Scout Suite collects and organizes configuration data, making it easier to identify potential risks. Instead

React to this headline:

Loading spinner

Scout Suite: Open-source cloud security auditing tool Read More »

Microsoft Says Azure Outage Caused by DDoS Attack Response

Azure, cloud security, DDoS, Featured, Microsoft, outage /

Microsoft Says Azure Outage Caused by DDoS Attack Response 2024-07-31 at 16:06 By Eduard Kovacs Microsoft’s response to a DDoS attack on Azure amplified the impact of the attack instead of mitigating it, causing outages. The post Microsoft Says Azure Outage Caused by DDoS Attack Response appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Says Azure Outage Caused by DDoS Attack Response Read More »

Coca‑Cola pours $1.1B into generative AI experiment with Microsoft

Azure, Cloud Services, Microsoft /

Coca‑Cola pours $1.1B into generative AI experiment with Microsoft 2024-04-24 at 14:01 By Cointelegraph by Arijit Sarkar Microsoft intends to use services like Azure OpenAI Service and Copilot for Microsoft 365 to help drive AI innovation for the Coca‑Cola Company and its network of independent bottlers worldwide. This article is an excerpt from Cointelegraph.com News

React to this headline:

Loading spinner

Coca‑Cola pours $1.1B into generative AI experiment with Microsoft Read More »

CloudGrappler: Open-source tool detects activity in cloud environments

AWS, Azure, Cado Security, cloud security, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, Permiso, software /

CloudGrappler: Open-source tool detects activity in cloud environments 2024-03-11 at 09:07 By Mirko Zorz CloudGrappler is an open-source tool designed to assist security teams in identifying threat actors within their AWS and Azure environments. The tool, built on the foundation of Cado Security’s cloudgrep project, offers enhanced detection capabilities based on the tactics, techniques, and

React to this headline:

Loading spinner

CloudGrappler: Open-source tool detects activity in cloud environments Read More »

Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel

Azure, Cloud, cloud security /

Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel 2024-02-12 at 18:31 By Kevin Townsend An active cloud account takeover campaign has impacted dozens of Azure environments and compromised hundreds of user accounts. The post Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel Read More »

Microsoft Patches Sensitive Information Disclosure Vulnerability in Azure CLI

Azure, Vulnerabilities /

Microsoft Patches Sensitive Information Disclosure Vulnerability in Azure CLI 15/11/2023 at 18:02 By Ionut Arghire Microsoft provided guidance on an Azure CLI bug leading to the exposure of sensitive information through GitHub Actions logs. The post Microsoft Patches Sensitive Information Disclosure Vulnerability in Azure CLI appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Microsoft Patches Sensitive Information Disclosure Vulnerability in Azure CLI Read More »

18 free Microsoft Azure cybersecurity resources you should check out

Azure, cloud security, Don't miss, Hot stuff, how-to, Microsoft, Microsoft Azure, News, skill development, strategy, tips, training /

18 free Microsoft Azure cybersecurity resources you should check out 20/09/2023 at 07:33 By Help Net Security Far exceeding a traditional public cloud platform, Azure is a comprehensive suite of over 200 products and cloud services engineered to solve current challenges and pave the way for the future. Whether you’re looking to build, run, or

React to this headline:

Loading spinner

18 free Microsoft Azure cybersecurity resources you should check out Read More »

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery

Azure, cloud security, Vulnerabilities, XSS /

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery 14/09/2023 at 16:18 By Ionut Arghire Orca Security details eight XSS vulnerabilities in Azure HDInsight that could lead to information leaks, session hijacking, and payload delivery. The post Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery Read More »

Microsoft Criticized Over Handling of Critical Power Platform Vulnerability

Azure, Management & Strategy, Microsoft /

Microsoft Criticized Over Handling of Critical Power Platform Vulnerability 04/08/2023 at 17:03 By Eduard Kovacs A critical Microsoft Power Platform vulnerability exposed authentication data and other secrets, but the tech giant has been accused of handling it poorly. The post Microsoft Criticized Over Handling of Critical Power Platform Vulnerability appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Microsoft Criticized Over Handling of Critical Power Platform Vulnerability Read More »

Open-source penetration testing tool BloodHound CE released

Active Directory, Azure, cybersecurity, Don't miss, GitHub, Microsoft Azure, Microsoft Entra ID, News, open source, penetration testing, software, SpecterOps /

Open-source penetration testing tool BloodHound CE released 02/08/2023 at 06:32 By Mirko Zorz SpecterOps released version 5.0 of BloodHound Community Edition (CE), a free and open-source penetration testing solution that maps attack paths in Microsoft Active Directory (AD) and Azure (including Azure AD/Entra ID) environments. It is available for free on GitHub. Identifying simple Attack

React to this headline:

Loading spinner

Open-source penetration testing tool BloodHound CE released Read More »

Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails

Azure, cloud security, email authentication, email security, Featured, Government, Microsoft, MSA key /

Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails 21/07/2023 at 20:19 By Ryan Naraine Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online. The post Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails Read More »

Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps

Azure, cloud security, Microsoft, noAuth, OAuth, Vulnerabilities /

Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps 20/06/2023 at 23:24 By Ryan Naraine Businesses using ‘Log in with Microsoft’ could be exposed to privilege escalation and full account takeover exploits. The post Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps Read More »

Microsoft confirms DDoS attacks against M365, Azure Portal

Azure, DDoS, Don't miss, Hot stuff, Microsoft, Microsoft 365, News, OneDrive, Outlook /

Microsoft confirms DDoS attacks against M365, Azure Portal 19/06/2023 at 14:02 By Helga Labus The Microsoft 365 and Azure Portal outages users expirienced this month were caused by Layer 7 DDoS attacks, Microsoft has confirmed on Friday. The DDoS attacks against Microsoft 365 and Azure Portal Throughout the first half June 2023 Microsoft confirmed, at

React to this headline:

Loading spinner

Microsoft confirms DDoS attacks against M365, Azure Portal Read More »

Microsoft, GitHub announce application security testing tools for Azure DevOps

Application Security, Azure, DevOps, Don't miss, GitHub, News, scanning, software development /

Microsoft, GitHub announce application security testing tools for Azure DevOps 24/05/2023 at 14:34 By Zeljka Zorz GitHub has announced that its application security testing tools are now more widely available for subscribers of Microsoft’s Azure DevOps Services. Enabling GitHub Advanced Security for Azure DevOps (Source: Microsoft) What is GitHub Advanced Security for Azure DevOps? GitHub

React to this headline:

Loading spinner

Microsoft, GitHub announce application security testing tools for Azure DevOps Read More »

Scroll to Top