Security News
A security researcher was able to add a counterfeit test package to the official list of Microsoft Azure SDK latest releases. The simple trick if abused by an attacker can give off the impression that their malicious package is part of the Azure SDK suite.
A security researcher was able to add a counterfeit test package to the official list of Microsoft Azure SDK latest releases. The simple trick if abused by an attacker can give off the impression that their malicious package is part of the Azure SDK suite.
A security researcher was able to add a counterfeit test package to the official list of Microsoft Azure SDK latest releases. The simple trick if abused by an attacker can give off the impression that their malicious package is part of the Azure SDK suite.
Cybersecurity innovator Tiberium launched two Microsoft based services leveraging Azure Sentinel and Microsoft Defender. Founded by Kiwi, Drew Perry, the launch sees the first major step for Tiberium since closing a successful funding round and welcoming experienced security players to the Board at the turn of the year.
Attackers can abuse a wide range of Window legitimate tools, including but not limited to Microsoft Defender, Windows Update, and even the Windows Finger command. While being legitimately used by thousands of admins each day for managing their organizations' Azure fleets, their capabilities can also be used for malicious purposes, including circumventing network defense lines.
Microsoft has revealed that its Azure IaaS platform now offers free a virtual trusted platform module. Dubbed "Azure Trusted Launch for virtual machines" and launched as a preview on March 8th, Microsoft's CTO for Azure Mark Russinovich said the new offering "Allows administrators to deploy virtual machines with verified and signed bootloaders, OS kernels, and a boot policy that leverages the Trusted Launch Virtual Trusted Platform Module to measure and attest to whether the boot was compromised."
Strata announced at Microsoft Ignite that its Maverics Identity Orchestrator platform for Microsoft Azure Active Directory enables organizations to migrate applications to the Cloud without rewriting them so identity can be centrally managed by Azure AD. In addition, Strata allows companies to modernize on-premises apps by extending Azure AD authentication and access control capabilities to them with no code changes. Strata makes it possible to transition applications to Azure AD with no user experience changes and no burden on application teams, so organizations can manage and enforce consistent access across hybrid cloud environments.
IOTech announced the launch and availability of Edge XRT, its time-critical edge platform for Microsoft Azure Sphere. Designed and optimized for resource-constrained environments, Edge XRT delivers out-of-the-box device connectivity and edge intelligence for microcontroller units, gateways and smart sensors at the IoT edge.
Microsoft has said it will add end-to-end encryption for some one-to-one Teams calls later this year - and urged folks to move away from using passwords with Azure AD. The Teams improvements, announced at the tech giant's Ignite conference this week, will be available "To commercial customers in preview in the first half of this year." Video conferencing rival Zoom offers end-to-end encryption with a few caveats and additional steps, and that appears to be more or less the approach Microsoft will take, too.
Lunavi announces the launch of its new Azure Adoption Program aligned with the Microsoft Cloud Adoption Framework. The program helps enterprise customers rapidly transition from their current on-premise infrastructure to a secure Azure cloud environment that takes advantage of best practices in security, governance, and optimization.