Azure
Azure Data Factory And Apache Airflow Integration Flaws Let Attackers Gain Write Access
Researchers have uncovered vulnerabilities in Microsoft Azure Data Factory's integration with Apache Airflow, which could potentially allow attackers to gain unauthorized access and control over critical Azure resources. By exploiting...
Azure
Azure API Management Vulnerabilities Let Attackers Escalate Privileges
Recent discoveries by Binary Security have revealed critical vulnerabilities in Azure API Management (APIM) that could allow attackers with minimal privileges to escalate their access and...
Azure
Researchers Backdoored Azure Automation Account Packages And Runtime Environments
Runtime environments offer a flexible way to customize Automation Account Runbooks with specific packages.While base system-generated environments can't be directly modified, they can...
Azure
Iranian Hackers Using Multi-Stage Malware To Attack Govt And Defense Sectors Via LinkedIn
Microsoft has identified a new Iranian state-sponsored threat actor, Peach Sandstorm, deploying a custom multi-stage backdoor named Tickler. This backdoor has been used to target...
Azure
Microsoft Details On Using KQL To Hunt For MFA Manipulations
It is difficult to secure cloud accounts from threat actors who exploit multi-factor authentication (MFA) settings.Threat actors usually alter compromised users' MFA attributes by...
Artificial Intelligence
Microsoft Details AI Jailbreaks And How They Can Be Mitigated
Generative AI systems comprise several components and models geared to enhancing human interactions with the system. However, while being as realistic and useful as possible,...
Azure
New Azure Hacking Campaign Steals Senior Executive Accounts
An ongoing campaign of cloud account takeover has affected hundreds of user accounts, including those of senior executives, and impacted dozens of Microsoft Azure...
Azure
8 XSS Vulnerabilities in Azure HDInsight Allow Attackers to Deliver Malicious Payloads
Azure HDInsight has been identified with multiple Cross-Site Scripting - XSS vulnerabilities related to Stored XSS and Reflected XSS. The severity for these vulnerabilities...
Azure
Hackers Abuse Azure AD Abandoned Reply URLs to Escalate Privilege
Recent reports indicate that there has been a privilege escalation vulnerability discovered, which arises due to abandoned Active Directory URLs.Threat actors can use...
Azure
Critical RCE & Spoofing Vulnerabilities in Microsoft Azure Cloud Let Hackers Compromise Microsoft’s Cloud Server
Critical remote code execution and spoofing vulnerabilities that existed in the Microsoft Azure cloud infrastructure allow attackers to remotely exploiting the vulnerability and compromise...