azure

Microsoft’s Security Update in June of High-Risk Vulnerability Notice for Multiple Products

| | azure, Blog, Emergency Response, Exchange Server, Microsoft Office, Microsoft Security Vulnerabilities, Visual Studio Code, Windows
Overview On June 9, NSFOCUS CERT detected that Microsoft released a security update patch for June, fixing 206 security issues involving widely used products such as Windows, Microsoft Office, Microsoft Exchange Server, ...
NSFOCUS
Azure Reserved VM Instance retirement timeline showing three stages - the action window before July 1, 2026, the July 1 cutoff date when new RI purchases for legacy series are blocked, and the post-expiry state where affected VMs revert to pay-as-you-go rates up to 72% higher than reserved pricing.

Azure in May 2026: The Reserved Instance Retirement Clock Is Ticking and Agents Get a New AI Stack

| | azure
Executive Summary May 2026 was dominated by one high-stakes FinOps announcement and a steady stream of developer and AI platform updates. Three things need attention now: Azure Reserved VM Instances for at ...
Usage AI
 The Hidden Security Gaps in Azure Migrations (and Why Most Teams Miss Them)

 The Hidden Security Gaps in Azure Migrations (and Why Most Teams Miss Them)

| | azure, Azure migration security, cloud migration, Cloud Security, identity management, Microsoft Azure
Azure migrations are almost always treated as infrastructure projects first, and security projects second. Why do we say this? Teams focus on uptime, performance, and moving workloads as quickly as possible, while ...
Security Boulevard
Azure portal purchase interface showing a split comparison between Azure Savings Plans and Reserved Virtual Machine Instances: the left panel shows the Azure Savings Plan purchase form with a dollar per hour commitment field, a term selector showing 1-year and 3-year options, and a coverage scope indicator showing all Azure regions and all VM families, while the right panel shows the Reserved VM Instance form with dropdown selectors for specific VM family, instance size, Azure region, operating system, and payment option, illustrating that Savings Plans require only a spend commitment while Reserved Instances require specification of the exact VM configuration

Azure Savings Plan vs Reserved Instances: Which One Actually Saves More?

| | azure, Reserved Instances
Both Azure Savings Plans and Reserved Instances reduce your Azure compute bill by committing to a term. Both require 1-year or 3-year commitments. Both apply discounts automatically without changing your infrastructure. The ...
Usage AI

Microsoft’s March Security Update of High-Risk Vulnerability Notice for Multiple Products

| | azure, Blog, Emergency Response, Microsoft vulnerabilities, Microsoft's Security, office, SQL Server
Overview On March 11, NSFOCUS CERT detected that Microsoft released the March Security Update patch, which fixed 83 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, ...
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

Microsoft’s November Security Update of High-Risk Vulnerability Notice for Multiple Products

| | azure, Blog, Emergency Response, Microsoft, Microsoft Office, Microsoft security, Microsoft SQL Server, Microsoft vulnerabilities, rce, Windows, Windows vulnerability
Overview On November 12, NSFOCUS CERT detected that Microsoft released the November Security Update patch, which fixed 63 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, ...
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.
Update: Dumping Entra Connect Sync Credentials

Update: Dumping Entra Connect Sync Credentials

| | Active Directory, attack-path-management, azure, Entra ID, Red Team
Recently, Microsoft changed the way the Entra Connect Connect Sync agent authenticates to Entra ID. These changes affect attacker tradecraft, as we can no longer export the sync account credentials; however, attackers ...
Posts By SpecterOps Team Members - Medium

Microsoft’s January Security Update of High-Risk Vulnerabilities in Multiple Products

| | azure, Blog, Emergency Response, Microsoft Dynamics, Microsoft Edge, Microsoft Office, Microsoft Visual Studio, Windows
Overview On January 14, NSFOCUS CERT detected that Microsoft released a security update patch for January, which fixed 159 security problems in widely used products such as Windows, Microsoft Office, Microsoft Visual ...
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.
Attacking Entra Metaverse: Part 1

Attacking Entra Metaverse: Part 1

| | attack-path-management, azure, Azure Active Directory, Offensive Security, Red Team
This is part one in a two (maybe three…) part series regarding attacker tradecraft around the syncing mechanics between Active Directory and Entra. This first blog post is a short one, and ...
Posts By SpecterOps Team Members - Medium
Unwrapping BloodHound v6.3 with Impact Analysis

Unwrapping BloodHound v6.3 with Impact Analysis

| | Active Directory, attack-path-management, azure, BloodHound, identity security
Just in time for the holidays, sharper tools for faster defenseToday, the SpecterOps team rolled out a number of new features, product enhancements, and recommendations intended to help users of BloodHound Enterprise and ...
Posts By SpecterOps Team Members - Medium
Load more