azure security

Microsoft’s advisory that a newly recorded vulnerability, tracked as CVE‑2025‑64657, affects Azure Application Gateway and can lead to elevation of privilege has raised immediate operational questions for cloud teams: what exactly is known, how confident should defenders be in the published...

Microsoft’s Security Update Guide lists CVE-2025-64656 as an Elevation of Privilege affecting Application Gateway, but public technical detail is currently limited and the vendor’s confidence metric indicates uncertainty about how much of the exploit chain has been independently validated...

Cohesity’s recent announcement that its partnership with Microsoft has deepened across Azure, Microsoft 365, and Microsoft Security marks a consequential step in the industry’s push to couple data resilience with generative AI capabilities—an initiative the vendor says produced near‑term...

Microsoft says Azure's DDoS protection automatically detected and absorbed an unprecedented cloud-scale flood on October 24 that peaked at 15.72 terabits per second (Tbps) and nearly 3.64 billion packets per second (pps) — an event the company describes as the largest DDoS attack ever observed...

AvePoint’s push to deepen Azure data protection inside its AvePoint Elements MSP platform is a clear signal that the company intends to make managed Azure protection a channel-first capability, adding misconfiguration detection, Azure environment monitoring, and enhanced anomaly detection to its...

A 4‑terabyte SQL Server backup file belonging to Ernst & Young (EY) was discovered publicly accessible on Microsoft Azure, exposing an unencrypted .BAK backup that researchers say could have contained database schemas, stored procedures, authentication tokens, API keys, service‑account...

CVE-2025-55697 is a newly catalogued heap‑based buffer overflow in an Azure local component that allows an authorized local user to elevate privileges on an affected host; Microsoft assigned a high severity rating (CVSS 3.1 base score 7.8) and published vendor guidance that administrators should...

Microsoft has disabled a discrete set of Azure cloud and Azure AI subscriptions used by an Israeli Ministry of Defense unit after an external review found evidence that elements of investigative reporting about large‑scale collection and processing of Palestinian communications were supported by...

Microsoft’s security ecosystem currently shows no authoritative advisory for a vulnerability labelled CVE‑2025‑59247 affecting Azure PlayFab; searches of the usual vendor and industry trackers turn up no matching MSRC, NVD, or public advisory for that CVE, and community reporting around related...

Coretek’s profile on the nationally syndicated business program “Trending Today” — which aired on Fox Business and other networks — marks a clear moment in the company’s evolution from a regional systems integrator into a visible, Azure-first managed services provider focused on cloud...

Utimaco’s launch of Enterprise Key Manager as a Service (EKMaaS) for Microsoft Azure is a practical advance in cloud key custody that gives governments, public-sector organizations and regulated enterprises a hardware-backed, centrally managed option to exercise direct control over encryption...

Utimaco’s move to offer an Enterprise Key Manager as a Service that integrates with Microsoft Azure marks a pragmatic advance for organisations wrestling with data sovereignty, regulatory compliance, and cryptographic control in cloud-first architectures. The packaged service promises a fully...

Microsoft’s new Network Security Hub in Azure is a deliberate evolution of Azure Firewall Manager into a single-pane, service-aware control plane that consolidates firewalling, application-layer protection, and volumetric defense — promising simpler discoverability, unified visibility, and more...

A new Principled Technologies (PT) study — circulated as a press release and picked up by partner outlets — argues that adopting a single‑cloud approach for AI on Microsoft Azure can produce concrete benefits in performance, manageability, and cost predictability, while also leaving room for...

Korea Telecom’s shift from a fragmented file sprawl to a unified, AI-augmented knowledge layer shows how Microsoft 365 Copilot can be the hinge between legacy habits and modern information workflows, delivering faster discovery, clearer context, and measurable productivity gains across a large...

Microsoft’s 2033 Quantum‑Safe Deadline: What It Means for Windows, Azure, and Your Enterprise Microsoft has put a concrete stake in the ground for the post‑quantum era: enable early adoption of quantum‑safe capabilities by 2029 and complete the transition of its products and services by 2033...

Microsoft Security Response Center (MSRC) now lists CVE-2025-53763 as an improper access control vulnerability in Azure Databricks that can be exploited to achieve elevation of privilege over the network, a finding that demands urgent attention from cloud and data platform administrators...

The Indian Computer Emergency Response Team (CERT-In) on 18 August 2025 issued a high‑risk advisory warning that multiple critical vulnerabilities across Microsoft’s product portfolio place millions of Windows and Office users in India — from home desktops to enterprise Azure deployments — at...

Board’s Enterprise Planning Platform has been recognized as a Microsoft Solutions Partner with the Certified Software for Azure designation, a formal nod that the company’s SaaS planning suite meets Microsoft’s technical and marketplace readiness standards for Azure-deployed enterprise software...

Microsoft’s August Patch Tuesday is one of the heavier maintenance cycles of the year: the company released patches addressing well over a hundred vulnerabilities across Windows, Office, Exchange, SQL Server and Azure services, and security teams must triage a short list of immediate priorities...