Security News

Socure announced the company will provide identity verification services for remote onboarding for individuals accessing decentralized IDs as part of the new Microsoft Azure Active Directory verifiable credentials feature in public preview. Once verified, these credentials can be used to prove an identity across different organizations to accelerate onboarding of users and enable a more trustworthy credential recovery experience.

Microsoft has revealed that Thursday's worldwide outage was caused by a code defect that allowed the Azure DNS service to become overwhelmed and not respond to DNS queries. Last night, Microsoft published a root cause analysis for this week's outage and explained that it was caused by their Azure DNS service becoming overloaded.

AVSystem announced integration of the Coiote IoT Device Management service with both Microsoft Azure IoT Hub and Amazon Web Services IoT Core via Lightweight M2M. Coiote is the first IoT device management platform in the industry to provide support for constrained IoT devices at scale for both cloud providers. This opens new opportunities for creating IoT services over low-power wide area network within Azure and AWS. By combining device energy savings and lower data consumption with existing cloud services, enterprises can reduce time to market and decrease costs for deploying IoT solutions and managing IoT operations.

Datadobi announced it has added support for Azure Blob storage in DobiProtect 5.11, enabling customers to protect their data from any NAS or cloud filesystem to Microsoft's cloud-based object storage solution. Azure Blob storage is a massively scalable and secure object storage service for data lakes, archives, cloud-native workloads, analytics, and machine learning.

A security researcher was able to add a counterfeit test package to the official list of Microsoft Azure SDK latest releases. The simple trick if abused by an attacker can give off the impression that their malicious package is part of the Azure SDK suite.

A security researcher was able to add a counterfeit test package to the official list of Microsoft Azure SDK latest releases. The simple trick if abused by an attacker can give off the impression that their malicious package is part of the Azure SDK suite.

A security researcher was able to add a counterfeit test package to the official list of Microsoft Azure SDK latest releases. The simple trick if abused by an attacker can give off the impression that their malicious package is part of the Azure SDK suite.

Cybersecurity innovator Tiberium launched two Microsoft based services leveraging Azure Sentinel and Microsoft Defender. Founded by Kiwi, Drew Perry, the launch sees the first major step for Tiberium since closing a successful funding round and welcoming experienced security players to the Board at the turn of the year.

Attackers can abuse a wide range of Window legitimate tools, including but not limited to Microsoft Defender, Windows Update, and even the Windows Finger command. While being legitimately used by thousands of admins each day for managing their organizations' Azure fleets, their capabilities can also be used for malicious purposes, including circumventing network defense lines.

Microsoft has revealed that its Azure IaaS platform now offers free a virtual trusted platform module. Dubbed "Azure Trusted Launch for virtual machines" and launched as a preview on March 8th, Microsoft's CTO for Azure Mark Russinovich said the new offering "Allows administrators to deploy virtual machines with verified and signed bootloaders, OS kernels, and a boot policy that leverages the Trusted Launch Virtual Trusted Platform Module to measure and attest to whether the boot was compromised."