Bleeping Computer

Microsoft fixes Azure AD auth flaw enabling account takeover

Microsoft has addressed an Azure Active Directory (Azure AD) authentication flaw that could allow threat actors to escalate privileges and potentially fully take over the target's account. This ...
Bleeping Computer

Microsoft shares guidance on securing Azure Cosmos DB accounts

Microsoft issued guidance on securing Azure accounts that may be impacted by a recently addressed Cosmos DB critical vulnerability, giving attackers full admin rights to users' data without ...
Forbes

Microsoft Issues Mandatory 2FA Login Deadline Alert

Microsoft's public cloud computing platform, Azure, was recently targeted by a cyberattack that led to a multi-hour outage. While a newly announced mandatory two-factor authentication login ...
Dark Reading

Microsoft 365 Breach Risk Widens to Millions of Azure AD Apps

The Storm-0558 breach that gave Chinese advanced persistent threat (APT) actors access to emails within at least 25 US government agencies could be much further-reaching and impactful than anyone ...
Ars Technica

Ongoing campaign compromises senior execs’ Azure accounts, locks them using MFA

Hundreds of Microsoft Azure accounts, some belonging to senior executives, are being targeted by unknown attackers in an ongoing campaign that’s aiming to steal sensitive data and financial assets ...
CSOonline

Attack campaign targeting Azure environments compromised hundreds of accounts

The attack targeted people with senior-level titles through a phishing campaign enabled by other compromised accounts within the organizations. Security researchers warn that an ongoing cloud account ...