APT29, the threat actor linked to the SolarWinds hack, is abusing various Azure features in recent attacks against organizations that influence the foreign policy of NATO countries.
Microsoft observed the threat actor, which it tracks as Seaborgium, targeting over 30 organizations since 2022 started.
The flaw was first reported to Microsoft in 2019, but at the time it said it did not consider the issue to be a vulnerability.
The H0lyGh0st ransomware group has spent the last year targeting small and medium-sized businesses - but has not yet successfully extorted ransom payments from victims, said Microsoft researchers.
Microsoft fixed the flaw as part of its regularly-scheduled update, which includes over 80 critical and important-severity bugs.