Security News

IOTech announced the launch and availability of Edge XRT, its time-critical edge platform for Microsoft Azure Sphere. Designed and optimized for resource-constrained environments, Edge XRT delivers out-of-the-box device connectivity and edge intelligence for microcontroller units, gateways and smart sensors at the IoT edge.

Microsoft has said it will add end-to-end encryption for some one-to-one Teams calls later this year - and urged folks to move away from using passwords with Azure AD. The Teams improvements, announced at the tech giant's Ignite conference this week, will be available "To commercial customers in preview in the first half of this year." Video conferencing rival Zoom offers end-to-end encryption with a few caveats and additional steps, and that appears to be more or less the approach Microsoft will take, too.

Lunavi announces the launch of its new Azure Adoption Program aligned with the Microsoft Cloud Adoption Framework. The program helps enterprise customers rapidly transition from their current on-premise infrastructure to a secure Azure cloud environment that takes advantage of best practices in security, governance, and optimization.

ZEDEDA announced an integration with Microsoft Azure IoT services that provides customers with full lifecycle management capabilities, single-click bulk provisioning, risk-free updates and a built-in app marketplace. "With scale and security, they can instantly deploy all Azure IoT Edge services on large fleets of nodes with a single click and manage the full lifecycle of both the software and hardware."

AWS and Azure users will achieve significant performance improvements and cost reductions with the launch of the new CloudOps Active Management Solution from igroup. Installed on any new or existing Azure or AWS infrastructure, allows companies using it to concentrate on delivering higher quality applications and services in the cloud rather than spending time supporting and managing their cloud.

Threat actors downloaded some Microsoft Exchange and Azure code repositories during the sprawling SolarWinds supply-chain attack but did not use the company's internal systems or products to attack other victims. "We have now completed our internal investigation into the activity of the actor which confirms that we found no evidence of access to production services or customer data," the company said in a blog post on its Microsoft Security Response Center published Thursday.

Microsoft has completed its internal investigation about the Solorigate security incident, and has discovered that the attackers were very interested in the code of various Microsoft solutions. The attackers viewed some files here and there, but they also managed to download source code from a "Small number of repositories," and this includes the code for some important Microsoft Azure components.

Microsoft has admitted that as a result of installing backdoored SolarWinds tools in some parts of its corporate network, portions of its source code was obtained and exfiltrated by parties unknown. "There was no case where all repositories related to any single product or service was accessed," the update advises, adding: "There was no access to the vast majority of source code. For nearly all of code repositories accessed, only a few individual files were viewed as a result of a repository search."

Microsoft on Thursday said it concluded its probe into the SolarWinds hack, finding that the attackers stole some source code but confirmed there's no evidence that they abused its internal systems to target other companies or gained access to production services or customer data. The disclosure builds upon an earlier update on December 31, 2020, that uncovered a compromise of its own network to view source code related to its products and services.

Microsoft announced today that the SolarWinds hackers gained access to source code for a limited number of Azure, Intune, and Exchange components. After internal investigations of their use of the SolarWinds platform, Microsoft announced in December that they were affected by the attack and that hackers could gain access to a limited amount of source code repositories.