Security News

Details have been disclosed about a now-addressed critical vulnerability in Microsoft's Azure Automation service that could have permitted unauthorized access to other Azure customer accounts and take over control. The Azure Automation service allows for process automation, configuration management, and handling operating system updates within a defined maintenance window across Azure and non-Azure environments.

Microsoft has acknowledged the existence of a flaw in its Azure cloud computing service that allowed users full access to other users' accounts. As Microsoft has admitted, its service went a bit too far and "a user running an automation job in an Azure Sandbox could have acquired the Managed Identities tokens of other automation jobs, allowing access to resources within the Automation Account's Managed Identity."

Microsoft has addressed a vulnerability in the Azure Automation service that could have allowed attackers to take complete control over other Azure customers' data.Microsoft Azure Automation Service provides process automation, configuration management, and update management features, with each scheduled job running inside isolated sandboxes for each Azure customer.

Microsoft announced the general availability of hotpatching for Windows Server Azure Edition core virtual machines allowing admins to install Windows security updates on supported VMs without requiring server restarts. The feature works with newly deployed Azure virtual machines running Windows Server 2022 Datacenter: Azure Edition Core Gen2 images and is available in all global Azure regions.

Microsoft this week revealed that it had fended off a record number of distributed denial-of-service attacks aimed at its customers in 2021, three of which surpassed 2.4 terabit per second. One of the DDoS attacks took place in November, targeting an unnamed Azure customer in Asia and lasted a total of 15 minutes.

Microsoft's threat analysts have uncovered a large-scale, multi-phase phishing campaign that uses stolen credentials to register devices onto the target's network and use them to distribute phishing emails. "The inbox rule allowed the attackers to avoid arousing the compromised users' suspicions by deleting non-delivery reports and IT notification emails that might have been sent to the compromised user."

Microsoft says its Azure DDoS protection platform mitigated a massive 3.47 terabits per second distributed denial of service attack targeting an Azure customer from Asia in November. Two more large size attacks followed this in December, also targeting Asian Azure customers, a 3.25 Tbps UDP attack on ports 80 and 443 and a 2.55 Tbps UDP flood on port 443.

Cyberattackers are abusing Amazon Web Services and Azure Cloud services to deliver a trio of remote access trojans, researchers warned - all aimed at hoovering up sensitive information from target users. "When the initial script is executed on the victim's machine, it connects to a download server to download the next stage, which can be hosted on an Azure Cloud-based Windows server or an AWS EC2 instance."

Microsoft has revealed a vulnerability in its Azure App Service for Linux allowed the download of files that users almost certainly did not intend to be made public. Microsoft bills the Azure App Service as just the thing if you want to "Quickly and easily create enterprise-ready web and mobile apps for any platform or device, and deploy them on a scalable and reliable cloud infrastructure."

The Microsoft Azure App Service has a four-year-old vulnerability that could reveal the source code of web apps written in PHP, Python, Ruby or Node, researchers said, that were deployed using Local Git. The Azure App Service is a cloud computing-based platform for hosting websites and web applications.