Security News

Cloud-based Cryptocurrency Miners Targeting GitHub Actions and Azure VMs
2022-07-11 20:24

GitHub Actions and Azure virtual machines are being leveraged for cloud-based cryptocurrency mining, indicating sustained attempts on the part of malicious actors to target cloud resources for illicit purposes. "Attackers can abuse the runners or servers provided by GitHub to run an organization's pipelines and automation by maliciously downloading and installing their own cryptocurrency miners to gain profit easily," Trend Micro researcher Magno Logan said in a report last week.

Resecurity’s AI-powered solutions now available on Microsoft Azure
2022-07-07 02:55

Resecurity's AI-powered solutions provide proactive alerts and visibility of digital risks targeting the enterprise ecosystem. By joining the Microsoft Azure marketplace, Resecurity's software solutions will be easily accessible to the millions of Azure customers needing comprehensive cybersecurity management and monitoring.

Microsoft Azure now has confidential VMs with ephemeral storage
2022-07-05 19:40

Microsoft has expanded its confidential computing offering and now allows Azure cloud computing service customers to create hardware isolated virtual machines with Ephemeral OS disks. With this new public preview feature, Azure customers can create ephemeral OS disks only on the local VM storage, thus ensuring that data remains 100% confidential since it will never be sent to remote Azure Storage.

Microsoft updates Azure AD with support for temporary passcodes
2022-07-01 16:05

Azure Active Directory now allows admins to issue time-limited passcodes that can be used to register new passwordless authentication methods, during Windows onboarding, or to recover accounts easier when losing credentials or FIDO2 keys. Described by Microsoft as a Temporary Access Pass, they can be utilized to register authentication details after enabling TAP in the Azure AD authentication method policy via the Azure portal.

New 'FabricScape' Bug in Microsoft Azure Service Fabric Impacts Linux Workloads
2022-06-29 22:34

Cybersecurity researchers from Palo Alto Networks Unit 42 disclosed details of a new security flaw affecting Microsoft's Service Fabric that could be exploited to obtain elevated permissions and seize control of all nodes in a cluster. Azure Service Fabric is Microsoft's platform-as-a-service and a container orchestrator solution used to build and deploy microservices-based cloud applications across a cluster of machines.

Microsoft Azure FabricScape bug let hackers hijack Linux clusters
2022-06-29 10:48

Microsoft has fixed a container escape bug dubbed FabricScape in the Service Fabric application hosting platform that let threat actors escalate privileges to root, gain control of the host node, and compromise the entire SF Linux cluster. Additional details on how CVE-2022-30137 can be exploited to execute code and take over SF Linux clusters are available in Unit 42's report.

Microsoft fixes bug that let hackers hijack Azure Linux clusters
2022-06-29 10:48

Microsoft has fixed a container escape vulnerability in the Service Fabric application hosting platform that would allow threat actors to escalate privileges to root, gain control of the host node, and compromise the entire SF Linux cluster. Additional details on how CVE-2022-30137 can be exploited to execute code and take over SF Linux clusters are available in Unit 42's report.

Cybercriminals use Azure Front Door in phishing attacks
2022-06-27 03:30

Resecurity, Inc. has identified a spike in phishing content delivered via Azure Front Door, a cloud CDN service provided by Microsoft. According to experts, such tactics confirm how the bad actors are continuously looking to enhance their tactics and procedures to avoid phishing detection using world-known cloud services.

Technical Details Released for 'SynLapse' RCE Vulnerability Reported in Microsoft Azure
2022-06-15 20:13

Microsoft has incorporated additional improvements to address the recently disclosed SynLapse security vulnerability in order to meet comprehensive tenant isolation requirements in Azure Data Factory and Azure Synapse Pipelines. The high-severity issue, tracked as CVE-2022-29972 and disclosed early last month, could have allowed an attacker to perform remote command execution and gain access to another Azure client's cloud environment.

Azure issues not adequately fixed for months, complain bug hunters
2022-06-14 13:30

Two security vendors - Orca Security and Tenable - have accused Microsoft of unnecessarily putting customers' data and cloud environments at risk by taking far too long to fix critical vulnerabilities in Azure. In a blog published today, Orca Security researcher Tzah Pahima claimed it took Microsoft several months to fully resolve a security flaw in Azure's Synapse Analytics that he discovered in January.