A financially motivated cybergang tracked by Mandiant as 'UNC3944' is using phishing and SIM swapping attacks to hijack Microsoft Azure admin accounts and gain access to virtual machines. From there, ...
Using that access to virtual machines, the attackers abused the Serial Console on Azure Virtual Machines to install third-party remote management software within client environments.
The Azure VM Agent enables VMs to communicate with Azure’s underlying Fabric Controller via the virtual public IP 168.63.129.16. However, when VMs are migrated from on-premises or deployed from custom ...