Security News

Microsoft revokes insecure SSH keys for Azure DevOps customers
2021-10-12 12:00

Microsoft revoked insecure SSH keys some Azure DevOps have generated using a GitKraken git GUI client version impacted by an underlying issue found in one of its dependencies. The decision to revoke the keys was taken after GitKraken's developer Axosoft notified Microsoft on September 28 that a bug in the keypair library's pseudo-random number generator led to duplicate RSA keys being generated.

Microsoft: Azure customer hit by record DDoS attack in August
2021-10-12 08:30

Microsoft has mitigated a record 2.4 Tbps Distributed Denial-of-Service attack targeting a European Azure customer during the last week of August. "This is 140 percent higher than 2020's 1 Tbps attack and higher than any network volumetric event previously detected on Azure," said Amir Dahan, a Senior Program Manager for Azure Networking, also describing it as a User Datagram Protocol reflection attack.

Microsoft fixes bug blocking Azure Virtual Desktops security updates
2021-10-07 12:00

Microsoft has fixed a bug blocking some Azure Virtual Desktop devices from downloading and installing monthly security via Windows Server Update Services since early July. Microsoft also provides two workarounds that allow customers to apply monthly security updates on Azure Virtual Desktop systems using WSUS if they can't immediately deploy the KB5005565 CU that fixes the known issue.

New Azure AD Bug Lets Hackers Brute-Force Passwords Without Getting Caught
2021-10-04 22:27

Cybersecurity researchers have disclosed an unpatched security vulnerability in the protocol used by Microsoft Azure Active Directory that potential adversaries could abuse to stage undetected brute-force attacks. "This flaw allows threat actors to perform single-factor brute-force attacks against Azure Active Directory without generating sign-in events in the targeted organization's tenant," researchers from Secureworks Counter Threat Unit said in a report published on Wednesday.

OMIGOD: Microsoft Azure VMs exploited to drop Mirai, miners
2021-09-17 15:23

Threat actors started actively exploiting the critical Azure OMIGOD vulnerabilities two days after Microsoft disclosed them during this month's Patch Tuesday.The four security flaws were found in the Open Management Infrastructure software agent silently installed by Microsoft on more than half of all Azure instances.

Critical Flaws Discovered in Azure App That Microsoft Secretly Installs on Linux VMs
2021-09-17 12:17

Microsoft on Tuesday addressed a quartet of security flaws as part of its Patch Tuesday updates that could be abused by adversaries to target Azure cloud customers and elevate privileges as well as allow for remote takeover of vulnerable systems. The list of flaws, collectively called OMIGOD by researchers from Wiz, affect a little-known software agent called Open Management Infrastructure that's automatically deployed in many Azure services -.

Microsoft asks Azure Linux admins to manually patch OMIGOD bugs
2021-09-17 12:06

Manual updates required for existing Azure VMs. While working to address these bugs, Microsoft introduced an Enhanced Security commit on August 11, exposing all the details a threat actor would need to create an OMIGOD exploit. Automatic updates disabled: manually update extension using instructions here Azure Automation State Configuration, DSC Extension On Premises.

WTF? Microsoft makes fixing deadly OMIGOD flaws on Azure your job
2021-09-17 04:58

Microsoft Azure users running Linux VMs in the company's Azure cloud need to take action to protect themselves against the four "OMIGOD" bugs in the Open Management Infrastructure framework, because Microsoft hasn't raced to do it for them. As The Register outlined in our report on this month's Patch Tuesday release, Microsoft included fixes for flaws security outfit Wiz spotted in OMI. Wiz named the four flaws "OMIGOD" because they are jaw-droppers.

Azure Zero-Day Flaws Highlight Lurking Supply-Chain Risk
2021-09-16 11:37

Four Microsoft zero-day vulnerabilities in the Azure cloud platform's Open Management Infrastructure - a software that many don't know is embedded in a host of services - show that OMI represents a significant security blind spot, researchers said. Though Microsoft patched them this week in its monthly Patch Tuesday raft of updates, their presence in OMI highlights the risk for the supply chain when companies unknowingly run code - particularly open-source code - on their systems that allows for exploitation, researchers said.

Microsoft fixes critical bugs in secretly installed Azure Linux app
2021-09-15 21:05

Microsoft has addressed four critical vulnerabilities collectively known as OMIGOD, found in the Open Management Infrastructure software agent silently installed on Azure Linux machines accounting for more than half of Azure instances. OMI is a software service for IT management with support for most UNIX systems and modern Linux platforms, used by multiple Azure services, including Open Management Suite, Azure Insights, Azure Automation.