GUEST RESEARCH: Tenable — the exposure management company,has disclosed that its Tenable Research Team has discovered a critical information disclosure vulnerability in Microsoft’s Copilot Studio via a server-side request forgery (SSRF), which allowed researchers access to potentially sensitive information regarding service internals with potential cross-tenant impact. This vulnerability exists due to improper handling of redirect status codes for user-configurable actions within Copilot Studio. This follows the team’s recent discoveries of flaws in Microsoft’s Azure Health Bot service, Azure Service Tags and three vulnerabilities in the Azure API Management service.

GUEST RESEARCH:  Dynatrace also named a Leader and positioned furthest for Vision and highest in Execution in the 2024 Gartner Magic Quadrant for Observability Platforms

GUEST RESEARCH: In the aftermath of the recent CrowdStrike global IT outage, which affected 8.5 million Microsoft Windows devices and led to widespread disruptions in airlines, healthcare providers and retail payment terminals, the fragility of critical infrastructure has come into sharp focus. 

GUEST RESEARCH: Fastly, a leader in global edge cloud platforms, today released the Fastly Threat Insights Report, which found 91% of cyberattacks – up from 69% in 2023 – targeted multiple customers using mass scanning techniques to uncover and exploit software vulnerabilities, revealing an alarming trend in attacks spreading across a broader target base. This new report provides the latest attack trends and techniques across the web application and API security landscape.