Security news aggregator

Latest coverage for Azure

Stay informed on Azure security with the latest insights, trends, and updates. Your hub for all Azure-related information security news.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Azure is a cloud platform offering computing, storage, and networking services that organizations use to run applications and manage data. Security in Azure depends on a shared responsibility model: Microsoft protects the physical infrastructure and core services, while users must secure their configurations, identities, and data within the environment.

Key security concerns include misconfigured access controls that expose resources, vulnerabilities in deployed applications or services, and risks from exposed management endpoints. Effective security requires enforcing least privilege through identity and access management, segmenting networks to limit lateral movement, and continuously monitoring for suspicious activity. Regular patching of workloads and careful configuration of Azure-native security features are critical to reducing attack surfaces and preventing unauthorized access or data exposure.

Showing 3 most recent headlines Filtered view
Bank Info Security 2 years, 1 month ago

Microsoft Says Azure Cloud Attack Scenario Isn't a Flaw

Redmond Calls Tenable Report Evidence of Customers Misconstruing Azure Service TagsMicrosoft is calling security research asserting a high-severity vulnerability exists in Microsoft Azure evidence that customers should better configure their cloud environments. An attacker with an Azure instance could obtain access to company resources by sending customizable HTTP requests.

Let customers interfere with other tenants? That's our cloud working by design, Redmond seems to say A vulnerability — or just Azure working as intended, depending on who you ask — in Microsoft's cloud potentially allows miscreants to wave away firewall rules and access other people's private web resources.…