News analysis: Google positions itself to compete with Microsoft for enterprise security dollars. How does this deal affect startup ecosystem?
The post What’s Behind Google’s $32 Billion Wiz Acquisition? appeared first on SecurityWeek.
Azure Kubernetes Services Vulnerability Exposed Sensitive Information
A vulnerability in Azure Kubernetes Services could have allowed attackers to escalate privileges and access sensitive information on the clusters.
The post Azure Kubernetes Services Vulnerability Exposed Sensitive Information appeared first on SecurityWeek.
Microsoft Announces Mandatory MFA for Azure
Microsoft is implementing automatic enforcement of multi-factor authentication (MFA) for all Azure users starting October.
The post Microsoft Announces Mandatory MFA for Azure appeared first on SecurityWeek.
Azure Health Bot Service Vulnerabilities Possibly Exposed Sensitive Data
Azure Health Bot Service vulnerabilities found by Tenable could have been exploited for lateral movement and may have allowed customer data exposure.
The post Azure Health Bot Service Vulnerabilities Possibly Exposed Sensitive Data appeared first on SecurityWeek.
Microsoft Says Azure Outage Caused by DDoS Attack Response
Microsoft’s response to a DDoS attack on Azure amplified the impact of the attack instead of mitigating it, causing outages.
The post Microsoft Says Azure Outage Caused by DDoS Attack Response appeared first on SecurityWeek.
Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel
An active cloud account takeover campaign has impacted dozens of Azure environments and compromised hundreds of user accounts.
The post Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel appeared first on SecurityWeek.
Microsoft Patches Sensitive Information Disclosure Vulnerability in Azure CLI
Microsoft provided guidance on an Azure CLI bug leading to the exposure of sensitive information through GitHub Actions logs.
The post Microsoft Patches Sensitive Information Disclosure Vulnerability in Azure CLI appeared first on SecurityWeek.
Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery
Orca Security details eight XSS vulnerabilities in Azure HDInsight that could lead to information leaks, session hijacking, and payload delivery.
The post Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery appeared first on SecurityWeek.
Microsoft Criticized Over Handling of Critical Power Platform Vulnerability
A critical Microsoft Power Platform vulnerability exposed authentication data and other secrets, but the tech giant has been accused of handling it poorly.
The post Microsoft Criticized Over Handling of Critical Power Platform Vulnerability appeared first on SecurityWeek.
Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails
Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.
The post Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails appeared first on SecurityWeek.