All news with #azure key vault tag

Microsoft Expands Sovereign Cloud Capabilities, EU Focus

🛡️ Microsoft announced expanded sovereign cloud offerings aimed at helping governments and enterprises meet regulatory and resilience requirements across Europe and beyond. The update includes end-to-end AI data processing within an EU Data Boundary, expanded Microsoft 365 Copilot in-country processing to 15 countries and additional rollouts through 2026, plus a refreshed Sovereign Landing Zone for simplified deployment of sovereign controls. Azure Local gains increased scale, external SAN support, and NVIDIA RTX Pro 6000 Blackwell GPUs for high-performance on-prem AI, along with planned disconnected operations. A new Digital Sovereignty specialization gives partners a way to validate and badge their sovereign-cloud expertise.

Migration to Azure SQL Drives Operational and AI Gains

🚀 This Microsoft case study showcases how three organizations—Thomson Reuters, Hexure, and CallRevu—jumpstarted modernization by migrating on-premises SQL workloads to Azure SQL Managed Instance and complementary Azure services. The migrations reduced operational overhead, improved resiliency, and enabled faster deployments. Customers reported dramatic performance improvements, shorter migration windows, and a scalable foundation for AI-driven features and insights.

Azure AD Client Credentials Exposed in Public appsettings

🔒 Resecurity’s HUNTER Team discovered that ClientId and ClientSecret values were inadvertently left in a publicly accessible appsettings.json file, exposing Azure AD credentials. These secrets permit direct authentication against Microsoft’s OAuth 2.0 endpoints and could allow attackers to impersonate trusted applications and access Microsoft 365 data. The exposed credentials could be harvested by automated bots or targeted adversaries. Organizations are advised to remove hardcoded secrets, rotate compromised credentials immediately, restrict public access to configuration files and adopt centralized secrets management such as Azure Key Vault.

Storm-0501 Shifts to Cloud-Based Ransomware Tactics

🔒 Microsoft Threat Intelligence reports that financially motivated actor Storm-0501 has shifted from on‑premises endpoint encryption toward cloud‑native ransomware tactics emphasizing rapid data exfiltration, destruction of backups, and extortion. The actor leverages compromised Entra Connect sync accounts, DCSync, and hybrid‑joined devices to escalate to Global Administrator and gain full Azure control. In cloud environments they abuse Azure operations (listing storage keys, AzCopy exfiltration, snapshot and resource deletions) and create malicious federated domains for persistence and impersonation. Microsoft recommends hardening sync configurations, enforcing phishing‑resistant MFA, enabling Defender for Cloud and storage protections, and applying least‑privilege access controls.