Microsoft Azure Data Leak Exposes Dangers of File-Sharing Links

Shared Access Signature (SAS) link exposed a storage bucket with 38TB of private data, including passwords, Teams messages, and the backups of two Microsoft AI research employees' workstations. [TechWeb]( Follow Dark Reading: [RSS]( September 19, 2023 LATEST SECURITY NEWS & COMMENTARY [Microsoft Azure Data Leak Exposes Dangers of File-Sharing Links]( Shared Access Signature (SAS) link exposed a storage bucket with 38TB of private data, including passwords, Teams messages, and the backups of two Microsoft AI research employees' workstations. [LockBit Is Using RMMs to Spread Its Ransomware]( The LockBit group is using native IT management software to live off the land, planting and then spreading itself before deploying its ransomware. ['ShroudedSnooper' Backdoors Use Ultra-Stealth in Mideast Telecom Attacks]( The threat cluster hasn't been seen before, but its custom Windows server backdoors have researchers intrigued thanks to their extremely effective stealth mechanisms. [A Playbook for Bridging Africa's Cybersecurity Skills Shortage]( A pledge to solve the skills and talent shortage by the US government has seen one Nigerian company join the effort and aid Africa. [How to Get Your Board on Board With Cybersecurity]( CISOs can refine their soft skills to help get their cybersecurity best-practices message across. Steps include increasing staff incident-response training and staying current with the threat landscape. [Dragos Raises $74M in Latest Funding Round]( The funds will be used to expand its global presence beyond Europe and the US. [(Sponsored Article) Facing Third-Party Threats With Non-Employee Risk Management]( As businesses continue to grapple with third-party threats, a revamped approach to non-employee risk management can help limit their potential exposure. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Okta Agent Involved in MGM Resorts Breach, Attackers Claim]( ALPHV/BlackCat ransomware operators have used their leak site to "set the record straight" about the MGM Resorts cyberattack. Meanwhile, more attacks abusing Okta could be likely. [DoD: China's ICS Cyber Onslaught Aimed at Gaining Kinetic Warfare Advantage]( Escalating incursions into military base infrastructure, telecom networks, utilities, and more signal that Beijing is laying the groundwork for mass disruption. [How to Mitigate Cybersecurity Risks From Misguided Trust]( Trust is the crucial bridge between security and people, but excessive or misguided trust can pose serious security risks. [MORE]( EDITORS' CHOICE ['Scattered Spider' Behind MGM Cyberattack, Targets Casinos]( The ransomware group is a collection of young adults who also recently breached Caesars Entertainment and made a ransom score in the tens of millions. LATEST FROM THE EDGE [Security Conferences Keep Us Honest]( Conferences are where vendors and security researchers meet face to face to address problems and discuss solutions — in public. LATEST FROM DR TECHNOLOGY [Companies Explore Ways to Safeguard Data in the Age of LLMs]( Generative AI models are forcing companies to become creative in how they keep employees from giving away sensitive data. LATEST FROM DR GLOBAL [Supporting Africa's Cybersecurity Talent Makes the World Safer]( The global infosec community needs to help African nations defend against growing threats. WEBINARS - [Tips for A Streamlined Transition to Zero Trust]( From identifying the potential attack surface to determining policy, there is a clear path to zero trust and best practices to make the transition as smooth as possible - both for your organization and your customers. Zero trust is more ... - [Passwords Are Passe: Next Gen Authentication for Today's Threats]( Cyber experts agree: end-user authentication needs more than the simple password. But what are the right tools and strategies for authentication in your organization? What does the world of passwordless look like for your organization? In this webinar, experts offer ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Global Perspectives on Threat Intelligence]( - [Crucial Considerations when Enabling Secure Industrial Digital Transformation]( - [Evaluating SASE for the Work-From-Anywhere Era]( - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [Rediscovering Your Identity]( - [2023 Global Future of Cyber Report]( - [Know your customer: Enable a 360-degree view with customer identity & access management]( [View More White Papers >>]( FEATURED REPORTS - [How to Deploy Zero Trust for Remote Workforce Security]( - [Everything You Need to Know About DNS Attacks]( - [Successfully Managing Identity in Modern Cloud and Hybrid Environments]( Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Omdia Research Finds Risk-Based Vulnerability Management Set to Encompass the Vulnerability Management Market by 2027]( [Niagara Networks and Scope Middle East Announce Strategic VAD Partnership]( [Enea Qosmos Threat Detection SDK Launched to Boost the Performance of Network-Based Cybersecurity]( [CISO Global Deepens Capabilities With Integrated Threat Intelligence Feed]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Passwords Are Passe: Next Gen Authentication Addresses Today's Threats]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=118275&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_09.19.23&sp_cid=49872&utm_content=DR_NL_Dark%20Reading%20Daily_09.19.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#51 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)