Tenable researchers found two security vulnerabilities in Microsoft’s Azure Health Bot platform that could allow unauthorized access to internal APIs and cross-tenant resources. Microsoft acted promptly on Tenable’s findings, applying mitigations to all affected services and eliminating the attack vector. These discoveries highlight the potential risks of AI-powered services and the need for strong web application and cloud security controls.
T-Mobile pays $16 million fine for three years’ worth of data breaches
T-Mobile has agreed to pay a $15.75 million fine and improve its security in a settlement over a series of data breaches over three years