资讯

SecurityWeek2 天
Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack
Microsoft security chief Charlie Bell says the SFI's 28 objectives are “near completion” and that 11 others have made ...
Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts
Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of ...
The Hacker News3 天
Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach
Microsoft secures MSA and Entra ID with Azure Confidential VMs + HSM, preventing token forgery and reducing breach risks.
Microsoft Entra account lockouts caused by user token logging mishap
Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens ...
来自MSN8 个月
Microsoft says all Azure sign-ins will now need to use multi-factor authentication to ...
Microsoft has announced all Azure sign-ins will soon have to use multi-factor authentication (MFA) to enhance account security. The authentication methods offered by the Azure platform include ...
来自MSN23 天
Don't fall for a mail asking for rapid Docusign action – it may be an Azure account ...
and tried to steal account credentials and then hijack the victims' Microsoft Azure cloud infrastructure.… After taking over victims' accounts, the miscreants signed into new devices using ...
CRN4 年
CrowdStrike Fends Off Attack Attempted By SolarWinds Hackers
The suspected Russian hackers behind the massive SolarWinds attack attempted to hack CrowdStrike through a Microsoft reseller’s Azure account but were ultimately unsuccessful, CrowdStrike says.