cloud security

Microsoft and the U.S. General Services Administration (GSA) have struck a governmentwide "OneGov" agreement that offers steep discounts across Microsoft 365, Azure, Dynamics 365 and associated security tools, and — critically — makes Microsoft 365 Copilot available at no cost for an initial...

A publicly exposed appsettings.json file that contained Azure Active Directory application credentials has created a direct, programmatic attack path into affected tenants — a misconfiguration that can let attackers exchange leaked ClientId/ClientSecret pairs for OAuth 2.0 access tokens and then...

Microsoft and the U.S. General Services Administration have struck a sweeping OneGov agreement that puts Microsoft’s cloud and AI stack — including Microsoft 365 Copilot, Azure services, Dynamics 365, and security tooling — on preferential terms for federal agencies, with Microsoft and GSA...

Google Drive is incredibly convenient—powerful file syncing, real-time collaboration, and tight integration with Gmail and Google Workspace—but that ease of use can quickly turn into a privacy hazard if sharing and account controls are left on autopilot. A short security sweep right now can...

August’s security headlines were dominated by a clutch of high-impact flaws — from archive utilities and consumer networking gear to enterprise-grade management consoles and cloud AI services — that together made rapid triage and patching unavoidable for defenders. Background The August 2025...

Microsoft’s new OneGov agreement with the General Services Administration promises to make Microsoft 365 Copilot effectively free for qualifying federal customers while folding deep discounts across Azure, Microsoft 365, Dynamics 365 and security tooling into a government‑wide purchasing vehicle...

Microsoft’s offer to make Copilot available at no charge to U.S. government workers marks a significant shift in how enterprise AI is being positioned for public-sector users, promising quick adoption benefits while raising immediate questions about procurement, security, and long-term costs...

Microsoft has quietly moved one of the most sensitive elements of cloud security — the Hardware Security Module — from dedicated cluster appliances into the silicon and chassis of individual Azure servers, embedding a custom Azure Integrated HSM ASIC across new fleet servers as part of a broader...

Two parallel announcements from Meta and Microsoft this week — a patched zero-click vulnerability in WhatsApp and a timetable for mandatory multi-factor authentication across Azure — crystallise a single lesson for enterprise security teams: convenience is no longer an acceptable substitute for...

Title: A practical guide to the multicloud personalities of AWS, Azure, and Google Cloud — what IT leaders should know in 2025 Lead The three hyperscalers — Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) — all provide the raw building blocks enterprises expect: VMs...

Microsoft has announced that mandatory multi‑factor authentication will soon extend beyond Azure's web consoles to command‑line and programmatic interfaces, forcing a major rethink of developer tooling and automation strategies: starting this enforcement window, any user performing create...

The Pentagon has formally ended the long‑running practice of allowing China‑based Microsoft engineers to support Department of Defense cloud environments, ordering audits and vendor reviews that could reshape how major cloud providers service U.S. government systems. The move follows an...

Borderless CS’s launch of IT Hardening Expert Services arrives at a moment when simple misconfigurations and unmaintained defaults are repeatedly exposed as the weakest links in enterprise security, and the firm is pitching a pragmatic, standards-aligned program to shrink attack surfaces across...

Microsoft’s Redmond campus erupted this week after a small group of protesters — including two current employees — forced their way into the executive suite and briefly occupied the office of company vice chair and president Brad Smith, an escalation that ended in arrests and immediate...

Life Without Barriers’ recent security refresh shows how human‑services organisations can use integrated Microsoft tooling to both reduce risk and free frontline staff for the work that matters. Background / Overview Life Without Barriers (LWB), one of Australia’s largest human‑services...

The Indian government’s cybersecurity arm has issued a high-severity alert advising organisations and individuals to urgently address a batch of patched—but still dangerous—vulnerabilities across multiple Microsoft products, including Microsoft Edge (Chromium-based), Windows Server storage...

Atturra’s rise through Microsoft’s partner ranks has been rapid and highly visible, with multiple outlets reporting that the Australian integrator has secured a significant new recognition in the hybrid and private cloud space — a development that, if fully verified, would strengthen its...

Microsoft president Brad Smith’s compact public line — “some of what was reported needs to be tested” — is the latest punctuation in a rapidly escalating crisis for Azure, Microsoft’s relationships with the Israeli security establishment, and the cloud industry’s role in wartime intelligence and...

Microsoft’s president, Brad Smith, told reporters from his office at the Redmond campus that the company will “investigate and get to the truth” after a Guardian-led investigation alleged that Israel’s Unit 8200 had used Microsoft Azure to store and process vast troves of intercepted Palestinian...

India’s national cybersecurity agency has issued a high‑severity warning about a broad set of vulnerabilities across Microsoft products — a multi‑component risk that demands immediate patching and tighter operational controls from both home users and enterprise IT teams. Background / Overview...