Browsing Tag
Azure
21 posts
Microsoft Disrupts Storm-2139 for LLMjacking and Azure AI Exploitation
Microsoft exposes Storm-2139, a cybercrime network exploiting Azure AI via LLMjacking. Learn how stolen API keys enabled harmful…
FUNNULL Unmasked: AWS, Azure Abused for Global Cybercrime Operations
Discover how cybercriminals use 'Infrastructure Laundering' to exploit AWS and Azure for scams, phishing, and money laundering. Learn about FUNNULL CDN's tactics and their global impact on businesses and cybersecurity.
AuthQuake Flaw Allowed MFA Bypass Across Azure, Office 365 Accounts
SUMMARY Cybersecurity researchers at Oasis Security have identified a vulnerability in Microsoft’s Multi-Factor Authentication (MFA), known as AuthQuake,…
Azure AI Vulnerabilities Allowed Attacks to Bypass Moderation Safeguards
Mindgard researchers uncovered critical vulnerabilities in Microsoft’s Azure AI Content Safety service, allowing attackers to bypass its safeguards…
Shadow IT: Personal GitHub Repos Expose Employee Cloud Secrets
Alerted by a recent discovery of employee personal GitHub repos exposing internal Azure and Red Hat secrets, this article dives into the dangers of Shadow IT and offers solutions to prevent cloud credential leaks and secure your cloud environment.
Findings Show MFA Bypass in Microsoft Azure Entra ID Using Seamless SSO
Concerned about a potential MFA bypass in Microsoft Azure Entra ID? This article explores the research, explains the vulnerability in context, and offers actionable steps to secure your organization.
Microsoft: Storm-1283 Sent 927,000 Phishing Emails with Malicious OAuth Apps
Cloud Security Shakeup: Experts Urge Caution as OAuth Becomes Hacker Playground.
Microsoft Azure Exploited to Create Undetectable Cryptominer
esearchers have labeled this as the "ultimate cryptominer."
Reply URL Flaw Allowed Unauthorized MS Power Platform API Access
Critical Vulnerability in Microsoft Power Platform Discovered and Reported by Secureworks Researchers.
Vulnerability Enabled Bing.com Takeover, Search Result Manipulation
Cybersecurity researchers at Wiz reported the vulnerability to Microsoft and dubbed the attack “BingBang”.