Security News

HITRUST, AWS and Microsoft Azure publish Shared Responsibility Matrices for cloud security
2021-01-11 02:00

Developed with Amazon Web Services and Microsoft Azure, each new HITRUST Shared Responsibility Matrix aligns with the cloud service provider's unique solution offering. Leading cloud service providers have long supported shared responsibility models, whereby the provider assumes some security responsibility for hosting applications and systems, while the organization deploying its solutions in the cloud assumes partial or shared responsibility for others.

CISA releases Azure, Microsoft 365 malicious activity detection tool
2020-12-28 12:48

"CISA has created a free tool for detecting unusual and potentially malicious activity that threatens users and applications in an Azure/Microsoft O365 environment," the US federal agency said. Sparrow checks the unified Azure/M365 audit log for indicators of compromise, lists Azure AD domains, and checks Azure service principals and their Microsoft Graph API permissions to discover potential malicious activity.

Microsoft Warns CrowdStrike of Hackers Targeting Azure Cloud Customers
2020-12-27 22:15

The hacking endeavor was reported to the company by Microsoft's Threat Intelligence Center on December 15, which identified a third-party reseller's Microsoft Azure account to be making "Abnormal calls" to Microsoft cloud APIs during a 17-hour period several months ago. The undisclosed affected reseller's Azure account handles Microsoft Office licensing for its Azure customers, including CrowdStrike.

CrowdStrike releases free Azure security tool after failed hack
2020-12-25 14:08

Leading cybersecurity firm CrowdStrike was notified by Microsoft that threat actors had attempted to read the company's emails through compromised by Microsoft Azure credentials. While performing their investigation, CrowdStrike was told by Microsoft on December 15th that a compromised Microsoft Azure reseller's account was used to try and read CrowdStrike's emails.

Unsecured Azure blob exposed 500,000+ highly confidential docs from UK firm's CRM customers
2020-12-18 15:32

A business app developer's unsecured Microsoft Azure blob left more than half a million confidential and sensitive documents belonging to its customers freely exposed to the public internet, The Register can reveal. The blob also included FedEx shipment security documentation, internal complaints from foodstuffs firm Huel, an investment management firm, and countless others - and in at least one example seen by The Register a passport scan.

CloudKnox extends support for serverless functions on AWS, Azure, and Google Cloud
2020-12-17 02:00

CloudKnox Security extended support for serverless functions on Amazon Web Services, Azure, and Google Cloud Platform. Together, the support for serverless functions and ServiceNow integration underscore CloudKnox's market lead with the most comprehensive support offering in the cloud infrastructure entitlement management segment.

Monster Azure VM used to play Tetris in Windows Task Manager
2020-12-07 19:13

Microsoft Azure CTO Mark Russinovich utilized a monster 420 logical processor virtual machine to play Tetris using the CPU core list in Windows Task Manager. To do this, Russinovich redirected the output of a console Tetris implementation to his 'Task Manager CPU pixel array,' which is likely based on a modified version of TaskManagerBitmap project.

Microsoft announces Azure cloud for top secret government data
2020-12-07 11:30

Microsoft today announced the launch of a new offering for its mission-critical Azure Government cloud targeted at government customers and partners that regularly work with top-secret classified data. "Today, we are announcing the expansion of our mission-critical cloud for US Government with new capabilities in Azure Government, the expansion of Azure Government Secret, and the announcement of a new cloud to serve customers with Top Secret classified data-Azure Government Top Secret," Tom Keane, corporate vice president of Microsoft's Azure Global, said.

AirHop joins Azure 4G/5G ecosystem
2020-12-07 01:30

AirHop Communications announced the integration of its solutions with Microsoft Azure platforms. The integration of AirHop's eSON platform enables network deployments with Microsoft Azure platforms to use near real-time Radio Access Networks automation and optimization applications to accelerate 4G and 5G deployments for operator and private enterprise networks.

Exoprise CloudReady now available in the Microsoft Azure Marketplace
2020-12-04 01:30

Exoprise announced the availability of its CloudReady solution in the Microsoft Azure Marketplace. The solution available in the Azure Marketplace offers two plans.