Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
veganism.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Veganism Social is a welcoming space on the internet for vegans to connect and engage with the broader decentralized social media community.

Administered by:

Server stats:

134
active users

veganism.social: AboutStatusPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7+vegan

#cloudsecurity

2 posts2 participants0 posts today
Public
Efani

🚨 Microsoft just moved MSA token signing to Azure Confidential VMs, a major step forward in securing its identity infrastructure after the high-profile Storm-0558 breach.

This move, along with the ongoing migration of Entra ID signing services, is part of Microsoft’s broader Secure Future Initiative (SFI) — described as the largest cybersecurity engineering project in its history.

Here’s what’s changing:
- MSA signing keys now protected inside Azure Confidential VMs
- Entra ID token signing is also being migrated to confidential infrastructure
- Access tokens are generated, stored, and auto-rotated via Azure-managed HSM
- 90% of identity tokens for Microsoft apps now validated via hardened SDKs
- 92% of Microsoft productivity accounts use phishing-resistant MFA
- 81% of production code branches are protected with proof-of-presence MFA
- Security logs have a mandatory 2-year retention period
- A new tenant provisioning system auto-registers tenants into the emergency response process

Microsoft is also piloting isolated customer support environments to reduce lateral movement, a direct response to risks exposed in the 2023 Storm-0558 breach, which involved forged Entra ID tokens using a compromised MSA key.

The attack, attributed to a China-linked threat group, led to unauthorized email access across U.S. and European entities.

This update builds on the lessons from the U.S. Cyber Safety Review Board (CSRB) report and pushes forward a model where signing keys, support processes, and token validation are more tightly controlled than ever before.

At @Efani, we support these kinds of structural shifts — because real security isn’t just about patching flaws after the fact, it’s about re-engineering trust from the foundation up.

#CyberSecurity#Microsoft#EntraID
Public
Lenin alevski 🕵️💻

New Open-Source Tool Spotlight 🚨🚨🚨

Google's GRR (GRR Rapid Response) is an open-source framework for remote live forensics and incident response. It allows security teams to investigate systems at scale without interrupting operations. Used for data collection, analysis, and hunting. #CyberSecurity #DFIR

🔗 Project link on #GitHub 👉 github.com/google/grr

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

Public
ZeroDaily

🚨 A new XORDDoS Trojan campaign is targeting Linux systems globally, with U.S. orgs hit hardest. Attackers use SSH brute-force and Docker exploits, evolving C2 tactics to evade detection. Discover infection chains, persistence tricks, and actionable defense tips!

Learn more: zerodaily.me/blog/2025-04-18-x

ZeroDaily - Cybersecurity News · XORDDoS Trojan: 2023–2025 Global Linux DDoS Campaigns, Evolving Infrastructure, and U.S. TargetingA new wave of XORDDoS Trojan attacks has targeted Linux systems worldwide, with a dramatic rise in U.S. victims and evolving command-and-control infrastructure. Here’s what defenders need to know about infection vectors, persistence, and mitigation.
#CyberSecurity#Linux#Malware
Public
Annexus Technologies

Is your business ready for seamless IT solutions? At Annexus Technologies, we offer tailored, secure, and scalable remote IT services to keep your operations running smoothly.

🔒 Secure your infrastructure
⚙️ Streamline your processes
📈 Enhance productivity

Contact us today to explore how we can support your IT needs: booknow.annexustech.com/#/cust

#VideoSurveillance#CloudSecurity#EagleEyeNetworks
Public
cloudtech_2025

🚀 Ready to scale your business in the smart way?
Cloud scalability isn’t just about growth — it’s about performance, security, and flexibility.

In our latest blog, we explore: ✅ 7 real benefits of scalable cloud services
✅ How to use cloud management + security services
✅ Why 2025 will be shaped by smart cloud architecture

🔗 skywinds.tech/7-benifits-of-cl

Skywinds Solutions · Cloud Management Services: 7 Benefits For Every OrganizationMost companies in various sectors use cloud management services for optimizing and automating IT processes to maximize efficiency and productivity.
#CloudComputing#OpenSource#DigitalTransformation
VegansExploreLive feeds
About