Cybersecurity firm UpGuard discovered an unprotected Microsoft Azure server managed by Pay Tel containing at least 300,000 driver’s license scans and other government-issued identification documents.
Tag: Azure
AI, Apps, Endpoint, Global Security News, malware, Network Security, Risk Management
Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs
Microsoft says it disrupted a malware-signing service that abused Azure Artifact Signing to create fraudulent certificates used in ransomware and malware attacks. The Fox Tempest operation allegedly helped cybercriminals distribute malware disguised as trusted software to evade Windows defenses and fool users. “Fox Tempest doesn’t directly target victims but instead provides supporting services that enable…
Apps, Global Security News
Microsoft Self-Service Password Reset abused in Azure data theft attacks
A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. […]
AI, Global Security News
Microsoft rejects critical Azure vulnerability report, no CVE issued
A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report, and without issuing a CVE. Microsoft disputes the claim, telling BleepingComputer the behavior was expected and that “no product changes were made,” despite the researcher documenting a silent fix. […]
Global Security News, Government & Policy
Macquarie Government Strengthens Azure and Security Push with Appointment of Dr Chris Peiris
COMPANY ANNOUNCEMENT: Dr Peiris to drive world-class Microsoft Azure and Security push, combining proven cloud capabilities with long-standing sector expertise to deliver resilient, future-ready environments.
AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security
Azure SRE Agent flaw let outsiders silently eavesdrop on enterprise cloud operations
A high-severity authentication flaw in Microsoft’s Azure SRE Agent exposed sensitive agent data to unauthorized network access, according to a confirmed vulnerability disclosure. The issue was identified by Enclave AI researcher Yanir Tsarimi, who detailed the findings in a blog post describing how agent interactions could be accessed without proper authentication controls. The vulnerability has…
AI, Apps, Cybersecurity, Global Security News
Cybersecurity jobs available right now: April 21, 2026
Application Security Engineer (DevSecOps / Azure DevOps) BEWAHARVEST | Philippines | Hybrid – View job details As an Application Security Engineer (DevSecOps / Azure DevOps), you will embed security across the SDLC by working with engineering and DevOps teams to implement automated security controls and testing. You will manage application security programs including SAST, DAST,…
china, Global Security News
APT41 Delivers ‘Zero-Detection’ Backdoor to Harvest Cloud Credentials
The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication.
Global Security News
TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials
The threat group’s shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to compromised credentials.
GeekGuyBlog
Native Launches With Security Control Plane for Multicloud
Discover how Native’s new security control plane enhances multicloud security management, simplifying policy enforcement across major platforms.
AI, Global Security News
Microsoft Azure Monitor alerts abused in callback phishing campaigns
Microsoft Azure Monitor alerts are being abused to send callback phishing emails that impersonate warnings from the Microsoft Security Team about unauthorized charges on your account. […]
AI, Apps, Cloud Security, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats
Bing Ads Abused to Deliver Azure-Hosted Tech Support Scams
A recently identified scam campaign is using Bing search advertisements and Microsoft Azure infrastructure to redirect users to fraudulent tech support pages, demonstrating how legitimate platforms can be misused for social engineering activity. “The tech support scam campaign had a significant initial impact, affecting users across 48 different organizations in the U.S. within a short…