Originally published by CrowdStrike. Cloud computing has become the backbone for modern businesses due to its scalability, flexibility and cost-efficiency. As organizations choose cloud service providers to power their technological transformations, they must also properly secure their cloud environments to protect sensitive data, maintain privacy and comply with...
For the most part, banks were standing safely on the sidelines last week when Microsoft delivered security vulnerability notices to its Azure cloud computing clients. The Redmond, Washington, company warned of separate security vulnerabilities related to an Azure database and the Power Apps portal, both discovered by security researchers the past few months and...
Originally published by Adaptive Shield. Written by Hananel Livneh. In recent weeks, a concerning wave of cyber attacks has been targeting Microsoft Azure environments, compromising crucial user accounts, including those of senior executives. Proofpoint researchers have identified an ongoing malicious campaign, which utilizes sophisticated techniques like credential...
Originally published by CrowdStrike. Azure cross-tenant synchronization (CTS) was made generally available on May 30, 2023, and introduced a new attack surface on Microsoft Entra ID (formerly Azure Active Directory) where attackers can move laterally to a partner tenant or create a backdoor on an existing tenant. CrowdStrike showcases two observed attack paths to...