azure

The Ephemeral Illusion: Why the Cloud Sandbox is not a Safe Zone

John Z Black Apr 22, 2026

Security Operations & Resilience #cloud-security #azure #aws-lambda #sandbox-escape #serverless #containers #iam

We have been told that serverless environments are secure because they are temporary. New research on Azure and AWS Lambda proves that attackers are learning how to live in the layer underneath.

Your MFA Isn't Enough. (And Most Places Don't Even Have That.)

John Z Black Mar 29, 2026

Incidents & Breaches #mfa #phishing #oauth #device-code-phishing #microsoft365 #passwordless #azure #authentication #identity-security

A phishing campaign bypassed MFA at 340+ organizations using legitimate OAuth flows, while 76% of companies are still relying on passwords in the first place.