Bleeping Computer

Microsoft fixes Azure AD auth flaw enabling account takeover

Microsoft has addressed an Azure Active Directory (Azure AD) authentication flaw that could allow threat actors to escalate privileges and potentially fully take over the target's account. This ...
Bleeping Computer

Microsoft shares guidance on securing Azure Cosmos DB accounts

Microsoft issued guidance on securing Azure accounts that may be impacted by a recently addressed Cosmos DB critical vulnerability, giving attackers full admin rights to users' data without ...
Forbes

Microsoft Issues Mandatory 2FA Login Deadline Alert

Microsoft's public cloud computing platform, Azure, was recently targeted by a cyberattack that led to a multi-hour outage. While a newly announced mandatory two-factor authentication login ...

Microsoft fixes dozens of security flaws in Windows, Office, and Azure

This month's big batch of security updates addresses nearly 60 vulnerabilities across Microsoft's various products and ...
Ars Technica

Ongoing campaign compromises senior execs’ Azure accounts, locks them using MFA

Hundreds of Microsoft Azure accounts, some belonging to senior executives, are being targeted by unknown attackers in an ongoing campaign that’s aiming to steal sensitive data and financial assets ...
Dark Reading

Microsoft 365 Breach Risk Widens to Millions of Azure AD Apps

The Storm-0558 breach that gave Chinese advanced persistent threat (APT) actors access to emails within at least 25 US government agencies could be much further-reaching and impactful than anyone ...