Microsoft security chief Charlie Bell says the SFI’s 28 objectives are “near completion” and that 11 others have made “significant progress.”
The post Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack appeared first on SecurityWeek.
News analysis: Google positions itself to compete with Microsoft for enterprise security dollars. How does this deal affect startup ecosystem?
The post What’s Behind Google’s $32 Billion Wiz Acquisition? appeared first on SecurityWeek.
A vulnerability in Azure Kubernetes Services could have allowed attackers to escalate privileges and access sensitive information on the clusters.
The post Azure Kubernetes Services Vulnerability Exposed Sensitive Information appeared first on SecurityWeek.
Microsoft is implementing automatic enforcement of multi-factor authentication (MFA) for all Azure users starting October.
The post Microsoft Announces Mandatory MFA for Azure appeared first on SecurityWeek.
Azure Health Bot Service vulnerabilities found by Tenable could have been exploited for lateral movement and may have allowed customer data exposure.
The post Azure Health Bot Service Vulnerabilities Possibly Exposed Sensitive Data appeared first on SecurityWeek.
Microsoft’s response to a DDoS attack on Azure amplified the impact of the attack instead of mitigating it, causing outages.
The post Microsoft Says Azure Outage Caused by DDoS Attack Response appeared first on SecurityWeek.
An active cloud account takeover campaign has impacted dozens of Azure environments and compromised hundreds of user accounts.
The post Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel appeared first on SecurityWeek.
Microsoft provided guidance on an Azure CLI bug leading to the exposure of sensitive information through GitHub Actions logs.
The post Microsoft Patches Sensitive Information Disclosure Vulnerability in Azure CLI appeared first on SecurityWeek.
Orca Security details eight XSS vulnerabilities in Azure HDInsight that could lead to information leaks, session hijacking, and payload delivery.
The post Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery appeared first on SecurityWeek.
A critical Microsoft Power Platform vulnerability exposed authentication data and other secrets, but the tech giant has been accused of handling it poorly.
The post Microsoft Criticized Over Handling of Critical Power Platform Vulnerability appeared first on SecurityWeek.
