Unauthenticated API Endpoint Exposes Access Tokens of 50,000+ Azure AD Users
CloudSEK's BeVigil platform has uncovered a critical security vulnerability affecting an aviation industry giant, where an exposed JavaScript file containing an unauthenticated API endpoint...
CISA Alerts on Threat Actors Targeting Commvault’s Azure-Hosted App to Steal Secrets
Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security advisory warning that threat actors have successfully compromised Commvault's Microsoft Azure cloud environment,...
Researchers Detail New Threat-Hunting Methods Revealed to Detect Azure Managed Identity Abuse
Security researchers have released a comprehensive set of advanced threat-hunting methodologies aimed at detecting and mitigating abuse of Azure Managed Identities (MIs).
Building on...
Chinese CDN Abusing AWS & Microsoft Cloud for Hosting Malicious Websites
A recent investigation by cybersecurity firm Silent Push has uncovered a troubling trend in cybercrime: the exploitation of mainstream cloud providers like Amazon Web...
Hackers Abusing AWS & Microsoft Azure in large-scale to Launch Cyber Attacks
Silent Push, a cybersecurity research firm, has unveiled a concerning trend they term "infrastructure laundering," where threat actors exploit mainstream cloud providers such as...
