Amazon AWS
Hackers Exploit AWS & Microsoft Azure for Large-Scale Cyber Attacks
Silent Push, a cybersecurity research firm, has introduced the term "infrastructure laundering" to describe a sophisticated method used by cybercriminals to exploit legitimate cloud hosting services for illegal purposes....
Azure
Hackers Exploit OAuth 2.0 Code Flow Using AiTM Attack on Microsoft Azure AD
Security enthusiasts and professionals are turning their focus towards a new angle on phishing attacks in the identity and access management space.During the...
Azure
Azure Data Factory And Apache Airflow Integration Flaws Let Attackers Gain Write Access
Researchers have uncovered vulnerabilities in Microsoft Azure Data Factory's integration with Apache Airflow, which could potentially allow attackers to gain unauthorized access and control...
Azure
Azure API Management Vulnerabilities Let Attackers Escalate Privileges
Recent discoveries by Binary Security have revealed critical vulnerabilities in Azure API Management (APIM) that could allow attackers with minimal privileges to escalate their access and...
Azure
Researchers Backdoored Azure Automation Account Packages And Runtime Environments
Runtime environments offer a flexible way to customize Automation Account Runbooks with specific packages.While base system-generated environments can't be directly modified, they can...
Azure
Iranian Hackers Using Multi-Stage Malware To Attack Govt And Defense Sectors Via LinkedIn
Microsoft has identified a new Iranian state-sponsored threat actor, Peach Sandstorm, deploying a custom multi-stage backdoor named Tickler. This backdoor has been used to target...
Azure
Microsoft Details On Using KQL To Hunt For MFA Manipulations
It is difficult to secure cloud accounts from threat actors who exploit multi-factor authentication (MFA) settings.Threat actors usually alter compromised users' MFA attributes by...
Artificial Intelligence
Microsoft Details AI Jailbreaks And How They Can Be Mitigated
Generative AI systems comprise several components and models geared to enhancing human interactions with the system. However, while being as realistic and useful as possible,...
Azure
New Azure Hacking Campaign Steals Senior Executive Accounts
An ongoing campaign of cloud account takeover has affected hundreds of user accounts, including those of senior executives, and impacted dozens of Microsoft Azure...
Azure
8 XSS Vulnerabilities in Azure HDInsight Allow Attackers to Deliver Malicious Payloads
Azure HDInsight has been identified with multiple Cross-Site Scripting - XSS vulnerabilities related to Stored XSS and Reflected XSS. The severity for these vulnerabilities...
Azure
Hackers Abuse Azure AD Abandoned Reply URLs to Escalate Privilege
Recent reports indicate that there has been a privilege escalation vulnerability discovered, which arises due to abandoned Active Directory URLs.Threat actors can use...