I'll stick with the "old ways", Open-Source, or otherwise self-hosted, where possible. Everything I can do myself gets done myself.
I mean, this is just in the last 1.5 years. For those claiming it to be "secure" - well, it's certainly on a sliding scale of sorts:
Azure API Management Vulnerabilities Allowed Unauthorized Access - May 4th 2023
Three vulnerabilities in the Azure API Management service could be exploited for internal asset access, DoS, firewall bypass, and the upload of malicious files.
www.securityweek.com
Three vulnerabilities in the platform's API Management Service could allow attackers to access sensitive data, mount further attacks, and even hijack developer portals.
www.darkreading.com
Misconfiguration Allowed For Manipulation of Bing Search Results, Attacks on Users - April 11th 2023
A Microsoft misconfiguration error created an opening for attackers to not only manipulate Bing search results, but to potentially steal Office 365 credentials. The good news is that the issue was discovered by a major cloud security firm, duly reported to Microsoft, and patched. The bad news is that the configuration issue is easy to accidentally replicate in Azure Active Directory multi-tenant apps, and the researchers found that about 25% of those that they scanned were vulnerable.
Wiz researchers found that a Microsoft misconfiguration error created an opening for attackers to not only manipulate Bing search results, but to potentially steal Office 365 credentials.
www.cpomagazine.com
Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Breach Corporate Email Accounts - Feb 1 2023
Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network (MPN) accounts that were used for creating malicious OAuth applications as part of a phishing campaign designed to breach organizations' cloud environments and steal email.
"The applications created by these fraudulent actors were then used in a consent phishing campaign, which tricked users into granting permissions to the fraudulent apps," the tech giant said. "This phishing campaign targeted a subset of customers primarily based in the U.K. and Ireland."
Hackers abused Microsoft's "Verified Publisher" accounts to create malicious OAuth apps as part of a vicious scheme aimed at infiltrating organization
thehackernews.com
Microsoft data breach: what we know so far - Dec 10th 2022
The global IT giant exposed thousands of users' data, but kept victims in the dark.
After SOCRadar flagged a Microsoft data breach at the end of October, the company confirmed that a server misconfiguration had caused 65,000+ companies’ data to be leaked. A security lapse left an Azure endpoint available for unauthenticated access in the incident, termed “BlueBleed.”
techhq.com
Microsoft has confirmed that it inadvertently exposed information related to thousands of customers following a security lapse.
thehackernews.com
Russian APT29 hackers abuse Azure services to hack Microsoft 365 users - August 19 2022
Microsoft 365 users on a higher-grade E5 license enjoy a security feature named "Purview Audit" (formerly Advanced Audit). When enabled, this feature logs user agents, IP addresses, timestamps, and usernames each time an email is accessed independently of the program (Outlook, browser, Graph API). Stealthy network intruders like APT29 would rather not have their movements traced and logged. So to evade audits on compromised accounts, the hackers disable the Purview Audit feature on a targeted user before they even touch their mail folders.
The state-backed Russian cyberespionage group Cozy Bear has been particularly prolific in 2022, targeting Microsoft 365 accounts in NATO countries and attempting to access foreign policy information.
www.bleepingcomputer.com
Microsoft Employees Exposed Own Company’s Internal Logins - August 16th 2022
A cybersecurity firm found that Microsoft workers uploaded sensitive login credentials to Microsoft's own systems to GitHub.
Hussein provided Motherboard with seven examples in total of exposed Microsoft logins. All of these were credentials for Azure servers. Azure is Microsoft’s cloud computer service and is similar to Amazon Web Services. All of the exposed credentials were associated with an official Microsoft tenant ID. A tenant ID is a unique identifier linked to a particular set of Azure users. One of the GitHub users also listed Microsoft on their profile.
www.vice.com
6 'nightmare' cloud security flaws were found in Azure in the last year. Does Microsoft have work to do? - June 1st 2022
They reported gaining access to databases in thousands of customer environments, or tenants, including those of numerous Fortune 500 companies. This was possible because the cloud runs on shared infrastructure — and as it turns out, that can uncover some shared risks that cloud providers thought were solved problems. If you didn’t hear about this incident from last summer, that’s probably because the hackers who broke into Microsoft’s Cosmos DB service were not cybercriminals.
“It’s concerning. And it is a pattern,” said Rich Mogull, CEO at independent security research firm Securosis and a longtime security industry analyst.
“I think that in the cloud space right now, compared to other vendors, they might be a bit behind [on security],” Alon said.
The discovery of a series of critical flaws in Azure services reveals a new form of cloud security risk.
www.protocol.com
Eh, I'll go it alone.. it's like a monthly headache for these guys.