Microsoft said the corporate account of one of its engineers was hacked by a highly skilled threat actor that acquired a signing key used to hack dozens of Azure and Exchange accounts belonging to ...

Hundreds of Microsoft Azure accounts, some belonging to senior executives, are being targeted by unknown attackers in an ongoing campaign that's aiming to steal sensitive data and financial assets ...

The goal of the campaign was to grab people’s Microsoft Azure cloud accounts, and steal any sensitive information found there. The crooks would either send a Docusign-enabled PDF file ...

A phishing campaign detected in late November 2023 has compromised hundreds of user accounts in dozens of Microsoft Azure environments, including those of senior executives. Hackers target ...

Once an Azure account is compromised, the malicious actors attempt to spread their infection to other parts of the network, exfiltrating data and installing backdoors for continued access.

A financially motivated cybergang tracked by Mandiant as 'UNC3944' is using phishing and SIM swapping attacks to hijack Microsoft Azure admin accounts and gain access to virtual machines. From ...

First, the group would run SMS phishing attacks in order to obtain the passwords for Microsoft Azure admin accounts. After that, they would run a SIM-swapping attack, gaining the ability to ...

Guest users with certain billing roles can create and own subscriptions, potentially gaining persistence and privilege ...

Threat actors known as BlackCat (also known as ALPHV) are now using stolen Microsoft accounts to target Azure cloud storage business users. A report from cybersecurity researchers Sophos claims ...