api security

Box has just taken a giant leap forward in secure content management with its recent FedRAMP High Authorization—a certification that not only underlines its commitment to data security but also opens the door for U.S. government agencies and authorized contractors to leverage its innovative...

The escalating interplay between operational technology and the digital world has made critical infrastructure—not to mention the everyday technology underpinning it—a battleground for cyberthreats. Few advisories capture this more vividly than the latest disclosure by the Cybersecurity and...

In the world of industrial cybersecurity, every new advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA) reads as both a technical bulletin and a stark warning. This is certainly true with the recent CISA alert centered on vulnerabilities within Subnet Solutions Inc.’s...

ChatGPT’s image-generating feature, which once brought its GPUs to the digital equivalent of a sauna meltdown, is now being let loose far beyond the core app. The floodgates have opened. OpenAI isn’t just offering this anywhere—it’s now empowering developers and enterprise partners to bake its...

When Microsoft, a perennial leviathan in enterprise software, decides to extend its embrace to a cybersecurity company, IT veterans perk up faster than a server room in a heatwave. Microsoft’s deepened relationship with Arkose Labs—provider of cross-industry account security, bot mitigation, and...

In today’s digital battleground, cybersecurity remains a paramount concern—not only for enterprises but also for everyday Windows users. A recent legal battle spearheaded by Microsoft has brought to light a sophisticated cybercrime syndicate, known as Storm-2139, that exploited the Azure OpenAI...

On February 20, 2025, cybersecurity authorities issued a critical advisory regarding the Rapid Response Monitoring My Security Account App—a tool designed for enhanced industrial control system (ICS) oversight. The advisory, originally published by CISA, detailed a significant vulnerability that...

In a troubling yet fascinating twist in the digital battleground of cybersecurity, hackers have begun weaponizing cloud computing platforms like Amazon Web Services (AWS) and Microsoft Azure to wage intricate, large-scale campaigns. These platforms, which serve as the backbone of many global...

In a bold legal move, Microsoft has initiated proceedings against what it describes as an organized group of individuals accused of exploiting its Azure OpenAI Service. This groundbreaking case shines a spotlight on the security vulnerabilities of rapidly advancing artificial intelligence (AI)...

In an escalating saga that pits one of the world's largest tech companies against alleged bad actors, Microsoft has filed a sweeping lawsuit aimed at countering the so-called "hacking-as-a-service" ecosystem. The case, filed against multiple unnamed defendants, centers on allegations of...

In a high-stakes move that reads like a scene out of a cybersecurity thriller, Microsoft has dropped the legal gauntlet on ten individuals allegedly operating a hacking-as-a-service (HaaS) scheme. This lawsuit, filed in federal court, zeroes in on their alleged illicit activities, which involved...

2025 is here, and Microsoft is swinging into action right out of the gate. In a significant legal maneuver, they’ve filed a lawsuit against 10 individuals allegedly entangled in a hacking-as-a-service racket. According to reports, these individuals are accused of exploiting Azure OpenAI...

In a bold move indicative of the increasing intersection between cybersecurity, legal warfare, and cutting-edge artificial intelligence, Microsoft has filed a lawsuit against an alleged group of hackers exploiting vulnerabilities in its Azure OpenAI services. The case, filed in a Virginia court...

In a bold move that signifies the escalating tensions between cybersecurity imperatives and artificial intelligence development, Microsoft has launched a federal lawsuit targeting an alleged hacking group for exploiting Azure OpenAI Services. This case exposes the sophisticated techniques...

Microsoft Dynamics 365 and Power Apps, two of Microsoft's powerhouse enterprise tools, recently received critical security patches addressing severe vulnerabilities. These flaws might have allowed attackers to exploit Web APIs, undermining data integrity and risking exposure of sensitive...

Original release date: October 30, 2020 Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques. This joint cybersecurity advisory...