Bleeping Computer

New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...
techtimes

Beware Microsoft Azure Users: AutoWarp Bug Can Allow Unauthorized Access to Your Accounts

Microsoft has recently fixed a bug on the Azure Automation service, granting attackers unpermitted access to customers' sensitive information. Further details have been disclosed by the Redmond giant ...
Bleeping Computer

Ongoing Microsoft Azure account hijacking campaign targets executives

A phishing campaign detected in late November 2023 has compromised hundreds of user accounts in dozens of Microsoft Azure environments, including those of senior executives. Hackers target executives' ...
SiliconANGLE

Proofpoint uncovers account takeover campaign targeting Azure users

Proofpoint Inc. researchers have uncovered a hacking campaign that seeks to compromise Azure accounts in a bid to steal data and carry out financial fraud. The email security provider detailed the ...
Security Boulevard

How to Set Up Azure Trusted Signing to Sign an EXE?

Windows, antivirus engines, and enterprise security tools all expect executables to be digitally signed. Previously, developers purchased an EV Code Signing Certificate, stored it on a USB token or ...