Security News

Dutch fishing supply specialist Raven Hengelsport left details of around 246,000 customers visible to anyone on a misconfigured Microsoft Azure cloud server for months. "Sadly, actually getting Raven, also known as Raven Fishing, to do anything about the issue proved challenging."We immediately tried to get in touch with Raven once we discovered the open database, but did not receive a response from Raven regarding the breach," SafetyDetectives' researchers noted.

S&I Corporation has released "Atxpert AI Viewer", a new AI building security management system based on Microsoft Azure, TnM Tech's Ghost-I AI edge computing and Scenera's NICE PaaS, a managed Kubernetes service built on Microsoft Azure infrastructure. Combining these partners' technologies enables a highly scalable and easy to manage building safety and security management system.

Informatica announced it will make its Intelligent Data Management Cloud, an end-to-end AI-powered data management platform, available on Microsoft Azure Germany in response to cloud customer growth across Europe. With the new IDMC pod on Azure Germany, customers now have additional choice of data location and the ability to innovate with their data to drive the business forward.

The space community is growing rapidly and Microsoft's Space team is developing capabilities and services to meet its needs for extended connectivity across the world, simulated digital space environments, and ways for dealing with the huge amount of data generated from satellites. Stephen Kitay - the Former Deputy Assistant Secretary of Defense for Space Policy and now Senior Director at Microsoft Azure Space - shared with Help Net Security how the company is helping drive innovation both on the ground and in orbit.

D2iQ announced the availability of the D2iQ Kubernetes Platform, including D2iQ Kommander, D2iQ Konvoy, and D2iQ Kaptain, in the Microsoft Azure Marketplace, an online store providing applications and services for use on Azure. The D2iQ Kubernetes Platform provides customers with the technology, services, and support they need to be successful with Kubernetes in production.

Microsoft is urging Azure users to update the PowerShell command-line tool as soon as possible to protect against a critical remote code execution vulnerability impacting. The issue, tracked as CVE-2021-26701, affects PowerShell versions 7.0 and 7.1 and have been remediated in versions 7.0.6 and 7.1.3, respectively.

Microsoft is working to fix a known issue blocking Azure Virtual Desktops devices from downloading downloading and installing recent security updates via Windows Server Update Services. "We are investigating an issue where devices running Windows 10 Enterprise multi-session, version 1909 might not be able to download updates later than May 2021," Microsoft says in the Windows Health Dashboard.

Microsoft has told Azure users to update PowerShell - if they are using versions 7.0 or 7.1 - to address a remote code execution vulnerability patched earlier this year. The tech giant has advised customers who manage their Azure resources using affected versions of the PowerShell task automation solution to update to versions 7.0.6 or 7.1.3.

Microsoft and SES, in partnership with GovSat and UK-based solutions provider GRC, came together to demonstrate how Microsoft Azure Machine Learning and Artificial Intelligence capabilities can be brought directly to end-users deployed globally in a highly secure, reliable way while maintaining network sovereignty - allowing users to exploit key Azure workloads regardless of location and drastically boosting the efficiency of critical missions. In these demonstrations the Azure Stack Mini R device was connected to a quick deployable tactical satcom terminal from GRC through the secure SATCOM connection on GovSat-1 satellite, and sent directly to Azure UK via the SES Cloud Direct service, giving connected and disconnected access to Azure services.

MITRE's Centre for Threat-Informed Defence and Microsoft have jointly rolled out Security Stack Mappings for Azure, aimed at bringing the former's Adversarial Tactics, Techniques, and Common Knowledge framework into the latter's cloud platform - with rival platforms to follow. The deal made Azure the first cloud platform to actively link to ATT&CK by mapping in-built security controls to the framework.