cloud security

On February 3, 2026, Microsoft enforced a platform-wide cutoff for legacy Transport Layer Security (TLS) on Azure Blob Storage: TLS 1.0 and TLS 1.1 are no longer accepted and TLS 1.2 is now the minimum required protocol for all Azure Storage public HTTPS endpoints. The cutoff applies globally to...

Microsoft has formally enforced the removal of TLS 1.0 and TLS 1.1 for Azure Blob Storage effective February 3, 2026; from this date onward Azure Storage public HTTPS endpoints will accept only TLS 1.2 or newer and any client attempting to negotiate TLS 1.0/1.1 will see connections fail. This is...

Broadcom’s security team has flagged a focused tech-support scam campaign that weaponizes Microsoft Azure’s static website endpoints—those familiar web.core.windows.net addresses—to host convincing “Windows Defender / Microsoft Security” scare pages aimed primarily at Japanese recipients, and...

Google-owned Mandiant has sounded a clear alarm: financially motivated extortion groups, including those associated with the ShinyHunters brand, are running coordinated vishing campaigns that pair real-time voice social engineering with highly convincing credential‑harvesting pages to compromise...

Microsoft has confirmed that, when it possesses a BitLocker recovery key tied to a customer’s account and receives valid legal process, it will produce that key to law enforcement — a revelation that sharply reframes how effectively BitLocker protects disk contents in practice and forces every...

CVE-2026-21227 — Azure Logic Apps path traversal (Elevation of Privilege): what you need to know, how it works, and how to defend (feature analysis) Summary (TL;DR) Microsoft’s Security Update Guide lists CVE-2026-21227: an Azure Logic Apps vulnerability described as an improper limitation of a...

Microsoft’s advisory for CVE-2026-24304 identifies an elevation-of-privilege vulnerability in Azure Resource Manager that carries outsized operational risk because of the component’s role in the Azure management plane, but public technical detail is intentionally limited and the vendor’s...

Microsoft’s security catalog now records CVE-2026-24306, an elevation-of-privilege vulnerability affecting Azure Front Door, and the public record at the time of publication is intentionally sparse: Microsoft’s advisory entry is available but rendered through a JavaScript-driven portal (so...

AI assistants wired to external tools and data are rapidly reshaping how organizations automate work — and recent disclosures show those same integrations can become high‑leverage attack rails when MCP servers are left unsecured. Background: what is an MCP server and why it matters A Model...

Microsoft's cloud productivity stack experienced a disruption on January 21, 2026, with Microsoft 365 and Microsoft Teams reporting widespread problems early in the U.S. workday and recovery messages appearing within a few hours as Microsoft traced the impact to a third‑party networking...

A quietly dangerous interaction between Azure Private Link’s DNS behavior and well-meaning Private Endpoint deployments can produce an unexpected denial-of-service effect across tenant resources — and defenders need to treat it like a design flaw, not merely a documentation footnote. Unit 42’s...

Organizations across Mexico and the United States are increasingly recognizing that true cyber resilience is not a product you can buy off a shelf but an engineered outcome achieved through an integrated, multi-layer defense-in-depth architecture that combines native cloud protections...

The cloud era keeps turning a familiar paradox: organizations say security matters most, yet the single biggest obstacle to getting cloud projects done is often the people — or more precisely, the lack of expertise to run them. New and old data converge on that inconvenient truth: in the 2016...

Microsoft's announcement that Azure will protect data not only at rest and in transit but while it’s being processed marks a significant shift in cloud security: Azure Confidential Compute places sensitive data inside Trusted Execution Environments (TEEs) so that even plaintext values inside...

Businesses moving to Microsoft Azure are increasingly doing it with a partner at their side: a new NetEnrich survey shows most organizations are “very likely” to hire a managed services provider to migrate to or manage Azure, and they point to security, backups and disaster recovery as the...

OMV’s security team says moving its core SOC to Microsoft Sentinel cut incident resolution time in half while unifying disparate telemetry under Microsoft Defender XDR—and the deployment reads like a textbook example of modern SOC consolidation: cloud-native SIEM, customer-managed encryption...

EssFeed’s “Top 10 Insider Threat Detection Tools in the World — 2025” is a useful primer that names ten widely deployed solutions — Varonis, ObserveIT (Proofpoint), Microsoft Sentinel, Splunk Enterprise Security, Sumo Logic, Forcepoint Insider Threat Detection, CyberArk, Teramind, Digital...

Astra’s new Cloud Vulnerability Scanner arrives as a direct answer to one of cloud security’s most persistent headaches: overwhelming misconfiguration noise and the disconnect between detected issues and real-world exploitability. The product promises continuous, agentless posture monitoring...

Astra’s new Cloud Vulnerability Scanner promises to turn noisy cloud posture data into actionable, validated risk by combining continuous, agentless discovery with an “offensive‑grade” validation engine that attempts exploit paths and confirms whether reported misconfigurations and weaknesses...

Google’s proposed purchase of cloud-security vendor Wiz has triggered a fresh wave of industry pushback in Europe, with the Cloud Infrastructure Service Providers in Europe (CISPE) warning regulators that the deal could produce a “multiplier effect” that locks customers into a single...