azure security

Microsoft’s advisory listing for CVE-2026-21228 has elevated the alarm for Azure administrators and cloud defenders alike: the vendor has recorded a local remote-code-execution (RCE) class vulnerability affecting Azure management components, but key technical details remain limited in the public...

Microsoft’s internal partner-vetting platform OneVet has cut fake account openings by an astonishing figure that — while company-reported and requiring independent audit — signals a notable advance in how large cloud platforms combine biometric identity verification, deepfake detection, and...

Waratek’s Locker promised a practical "bring your own security" (BYOS) approach for Java applications on Microsoft Azure — a lightweight, JVM‑embedded container that applies Runtime Application Self‑Protection (RASP) policies without touching application code — and while the idea remains...

Maharashtra’s government and Microsoft unveiled MahaCrimeOS AI on December 12, 2025 — an AI-powered, cloud-native investigative platform that promises to fast‑track cybercrime investigations across the state and expand from a pilot in 23 Nagpur police stations to an intended rollout across all...

Microsoft’s advisory that a newly recorded vulnerability, tracked as CVE‑2025‑64657, affects Azure Application Gateway and can lead to elevation of privilege has raised immediate operational questions for cloud teams: what exactly is known, how confident should defenders be in the published...

Microsoft’s Security Update Guide lists CVE-2025-64656 as an Elevation of Privilege affecting Application Gateway, but public technical detail is currently limited and the vendor’s confidence metric indicates uncertainty about how much of the exploit chain has been independently validated...

Cohesity’s recent announcement that its partnership with Microsoft has deepened across Azure, Microsoft 365, and Microsoft Security marks a consequential step in the industry’s push to couple data resilience with generative AI capabilities—an initiative the vendor says produced near‑term...

Microsoft says Azure's DDoS protection automatically detected and absorbed an unprecedented cloud-scale flood on October 24 that peaked at 15.72 terabits per second (Tbps) and nearly 3.64 billion packets per second (pps) — an event the company describes as the largest DDoS attack ever observed...

AvePoint’s push to deepen Azure data protection inside its AvePoint Elements MSP platform is a clear signal that the company intends to make managed Azure protection a channel-first capability, adding misconfiguration detection, Azure environment monitoring, and enhanced anomaly detection to its...

A 4‑terabyte SQL Server backup file belonging to Ernst & Young (EY) was discovered publicly accessible on Microsoft Azure, exposing an unencrypted .BAK backup that researchers say could have contained database schemas, stored procedures, authentication tokens, API keys, service‑account...

CVE-2025-55697 is a newly catalogued heap‑based buffer overflow in an Azure local component that allows an authorized local user to elevate privileges on an affected host; Microsoft assigned a high severity rating (CVSS 3.1 base score 7.8) and published vendor guidance that administrators should...

Microsoft has disabled a discrete set of Azure cloud and Azure AI subscriptions used by an Israeli Ministry of Defense unit after an external review found evidence that elements of investigative reporting about large‑scale collection and processing of Palestinian communications were supported by...

Microsoft’s security ecosystem currently shows no authoritative advisory for a vulnerability labelled CVE‑2025‑59247 affecting Azure PlayFab; searches of the usual vendor and industry trackers turn up no matching MSRC, NVD, or public advisory for that CVE, and community reporting around related...

Coretek’s profile on the nationally syndicated business program “Trending Today” — which aired on Fox Business and other networks — marks a clear moment in the company’s evolution from a regional systems integrator into a visible, Azure-first managed services provider focused on cloud...

Utimaco’s launch of Enterprise Key Manager as a Service (EKMaaS) for Microsoft Azure is a practical advance in cloud key custody that gives governments, public-sector organizations and regulated enterprises a hardware-backed, centrally managed option to exercise direct control over encryption...

Utimaco’s move to offer an Enterprise Key Manager as a Service that integrates with Microsoft Azure marks a pragmatic advance for organisations wrestling with data sovereignty, regulatory compliance, and cryptographic control in cloud-first architectures. The packaged service promises a fully...

Microsoft’s new Network Security Hub in Azure is a deliberate evolution of Azure Firewall Manager into a single-pane, service-aware control plane that consolidates firewalling, application-layer protection, and volumetric defense — promising simpler discoverability, unified visibility, and more...

A new Principled Technologies (PT) study — circulated as a press release and picked up by partner outlets — argues that adopting a single‑cloud approach for AI on Microsoft Azure can produce concrete benefits in performance, manageability, and cost predictability, while also leaving room for...

Korea Telecom’s shift from a fragmented file sprawl to a unified, AI-augmented knowledge layer shows how Microsoft 365 Copilot can be the hinge between legacy habits and modern information workflows, delivering faster discovery, clearer context, and measurable productivity gains across a large...

Microsoft’s 2033 Quantum‑Safe Deadline: What It Means for Windows, Azure, and Your Enterprise Microsoft has put a concrete stake in the ground for the post‑quantum era: enable early adoption of quantum‑safe capabilities by 2029 and complete the transition of its products and services by 2033...