Microsoft Self-Service Password Reset abused in Azure data theft attacks

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate ...
Microsoft

How Storm-2949 turned a compromised identity into a cloud-wide breach

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...

Microsoft rejects critical Azure vulnerability report, no CVE issued

A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report, and ...

Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs

Microsoft disrupted Fox Tempest, a malware-signing service accused of abusing Azure certificates to disguise ransomware and ...
Microsoft

Exposing Fox Tempest: A malware-signing service operation

Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other ...
Security Boulevard

Why Your AI Strategy Is Only as Strong as Your AI Governance

Governing AI Agents and Non‑Human Identities in Oracle, SAP, and Business‑Critical SaaS A Federated Control Plane for Human and Non‑Human Identities in SOX/ITGC‑Governed ERP Environments Executive ...