Bleeping Computer

New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...
techtimes

Beware Microsoft Azure Users: AutoWarp Bug Can Allow Unauthorized Access to Your Accounts

Microsoft has recently fixed a bug on the Azure Automation service, granting attackers unpermitted access to customers' sensitive information. Further details have been disclosed by the Redmond giant ...
ZDNet

New tool detects shadow admin accounts in AWS and Azure environments

Cyber-security firm CyberArk has released today a new free tool that can detect "shadow administrator accounts" inside cloud environments like Amazon Web Services (AWS) and Microsoft Azure. The new ...