Windows Report

Microsoft Azure Monitor Abused to Send Phishing Emails From Legitimate Addresses

Azure Monitor is abused to send phishing emails from real Microsoft addresses, bypassing SPF, DKIM, and DMARC checks.

Microsoft Azure Monitor alerts abused for callback phishing attacks

Microsoft Azure Monitor alerts are being abused to send callback phishing emails that impersonate warnings from the Microsoft ...
Threat Post

Microsoft OAuth Flaw Opens Azure Accounts to Takeover

Some Microsoft applications are vulnerable to an authentication issue that could enable Azure account takeover. A vulnerability in the way Microsoft applications use OAuth for third-party ...

New phishing campaign abuses legitimate Microsoft Azure Monitor notifications

Microsoft Azure Monitor alerts are being abused in a new phishing campaign.
Dark Reading

Microsoft Fixes Flaw Threatening Azure Accounts

Researchers from CyberArk today outlined a vulnerability they discovered this fall in some Microsoft OAuth 2.0 applications that could allow an attacker to hijack Azure accounts. Microsoft fixed the ...
Threat Post

Microsoft Kills 18 Azure Accounts Tied to Nation-State Attacks

An APT group has started heavily relying on cloud services like Azure Active Directory and OneDrive, as well as open-source tools, to obfuscate its attacks. Microsoft has suspended 18 Azure Active ...
ZDNet

Microsoft is rolling out these security settings to protect millions of accounts. Here's what's changing

To thwart password and phishing attacks, Microsoft is rolling out security defaults to a massive number of Azure Active Directory (AD) users. Microsoft began rolling out security defaults to customers ...