cloud security

Microsoft’s public signals show an Azure Front Door elevation‑of‑privilege entry in the vendor’s Security Update Guide, but the public record is intentionally terse and the exact exploit mechanics remain opaque — forcing defenders to make policy and operational decisions with incomplete...

Microsoft’s decision to end support for TLS 1.0 and 1.1 on Azure Blob Storage has moved from warning to reality: as of February 3, 2026, Azure Storage public HTTPS endpoints now require TLS 1.2 or later, and any client negotiating TLS 1.0 or 1.1 will be rejected. Background Microsoft first...

Enterprise-targeted phishing has migrated from dodgy domains and cheap VPSes to the same cloud platforms that companies trust to run their businesses—Microsoft Azure, Google Firebase, AWS and Cloudflare—and that shift is changing how SOCs detect, investigate, and stop credential theft and MFA...

Dragos’s expanded collaboration with Microsoft marks a significant step toward bringing purpose-built operational technology (OT) security into mainstream enterprise cloud and security operations: the Dragos Platform will run on Microsoft Azure, push OT-specific telemetry and asset context into...

Microsoft has implemented a platform-wide cutoff for legacy Transport Layer Security (TLS) on Azure Blob Storage: as of February 3, 2026, Azure Storage public HTTPS endpoints will reject TLS 1.0 and TLS 1.1 handshakes, and TLS 1.2 is the enforced minimum. Background Microsoft’s decision to...

Sennheiser’s DeviceHub arrives as a practical answer to a stubborn operational problem in modern AV deployments: how to manage, monitor and secure large fleets of microphone arrays, video bars and room systems without sending engineers to every room. Announced publicly in early February 2026 and...

Azure Storage will stop accepting TLS 1.0 and TLS 1.1 connections on February 3, 2026, making TLS 1.2 the new minimum across blob, file, queue and table endpoints — a platform-wide enforcement that will break any client still negotiating the deprecated protocols. Background / Overview Microsoft...

On February 3, 2026, Microsoft enforced a platform-wide cutoff for legacy Transport Layer Security (TLS) on Azure Blob Storage: TLS 1.0 and TLS 1.1 are no longer accepted and TLS 1.2 is now the minimum required protocol for all Azure Storage public HTTPS endpoints. The cutoff applies globally to...

Microsoft has formally enforced the removal of TLS 1.0 and TLS 1.1 for Azure Blob Storage effective February 3, 2026; from this date onward Azure Storage public HTTPS endpoints will accept only TLS 1.2 or newer and any client attempting to negotiate TLS 1.0/1.1 will see connections fail. This is...

Broadcom’s security team has flagged a focused tech-support scam campaign that weaponizes Microsoft Azure’s static website endpoints—those familiar web.core.windows.net addresses—to host convincing “Windows Defender / Microsoft Security” scare pages aimed primarily at Japanese recipients, and...

Google-owned Mandiant has sounded a clear alarm: financially motivated extortion groups, including those associated with the ShinyHunters brand, are running coordinated vishing campaigns that pair real-time voice social engineering with highly convincing credential‑harvesting pages to compromise...

Microsoft has confirmed that, when it possesses a BitLocker recovery key tied to a customer’s account and receives valid legal process, it will produce that key to law enforcement — a revelation that sharply reframes how effectively BitLocker protects disk contents in practice and forces every...

CVE-2026-21227 — Azure Logic Apps path traversal (Elevation of Privilege): what you need to know, how it works, and how to defend (feature analysis) Summary (TL;DR) Microsoft’s Security Update Guide lists CVE-2026-21227: an Azure Logic Apps vulnerability described as an improper limitation of a...

Microsoft’s advisory for CVE-2026-24304 identifies an elevation-of-privilege vulnerability in Azure Resource Manager that carries outsized operational risk because of the component’s role in the Azure management plane, but public technical detail is intentionally limited and the vendor’s...

Microsoft’s security catalog now records CVE-2026-24306, an elevation-of-privilege vulnerability affecting Azure Front Door, and the public record at the time of publication is intentionally sparse: Microsoft’s advisory entry is available but rendered through a JavaScript-driven portal (so...

AI assistants wired to external tools and data are rapidly reshaping how organizations automate work — and recent disclosures show those same integrations can become high‑leverage attack rails when MCP servers are left unsecured. Background: what is an MCP server and why it matters A Model...

Microsoft's cloud productivity stack experienced a disruption on January 21, 2026, with Microsoft 365 and Microsoft Teams reporting widespread problems early in the U.S. workday and recovery messages appearing within a few hours as Microsoft traced the impact to a third‑party networking...

A quietly dangerous interaction between Azure Private Link’s DNS behavior and well-meaning Private Endpoint deployments can produce an unexpected denial-of-service effect across tenant resources — and defenders need to treat it like a design flaw, not merely a documentation footnote. Unit 42’s...

Organizations across Mexico and the United States are increasingly recognizing that true cyber resilience is not a product you can buy off a shelf but an engineered outcome achieved through an integrated, multi-layer defense-in-depth architecture that combines native cloud protections...

The cloud era keeps turning a familiar paradox: organizations say security matters most, yet the single biggest obstacle to getting cloud projects done is often the people — or more precisely, the lack of expertise to run them. New and old data converge on that inconvenient truth: in the 2016...