Bleeping Computer

New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...
techtimes

Beware Microsoft Azure Users: AutoWarp Bug Can Allow Unauthorized Access to Your Accounts

Microsoft has recently fixed a bug on the Azure Automation service, granting attackers unpermitted access to customers' sensitive information. Further details have been disclosed by the Redmond giant ...
Bleeping Computer

Microsoft shares guidance on securing Azure Cosmos DB accounts

Microsoft issued guidance on securing Azure accounts that may be impacted by a recently addressed Cosmos DB critical vulnerability, giving attackers full admin rights to users' data without ...