Azure Active Directory
Biden Review Board Gives Microsoft a Big, Fat Raspberry
Richi Jennings | | Active Directory, Authentication, azure, Azure Active Directory, Azure AD, Azure security, cisa, CISA.gov, CSRB, Cyber Safety Review Board, Cybersecurity Infrastructure Security Administration, Entra ID, Exchange, Microsoft, Microsoft Azure, Microsoft Azure Active Directory, Microsoft Azure Security, Outlook.com, SB Blogwatch, Storm-0558
Storm-0558 forecast: Last year’s Chinese hack of federal agencies’ email is still a mystery, and “should never have occurred,” says CISA ...
Security Boulevard
Microsoft Entra ID: The Complete Guide to Conditional Access Policies
Ori Amiga | | Azure Active Directory, EntraID, identity management, Identity-First Security, research, security, Technical
Here it is – everything you need to know about using Entra ID’s Conditional Access policies to boost your identity security posture. Microsoft Entra ID (formerly Azure Active Directory) is Microsoft’s cloud-based ...
US State Government Network Breach: Ex-Employee Logins Used
Wajahat Raja | | Azure Active Directory, Cybersecurity Incident, Cybersecurity Measures, Cybersecurity News, cybersecurity response, Ex-Employee Credentials, insider threats, Multi-Factor Authentication (MFA), Network Security, Privileged Accounts, State Government Breach
In a recent disclosure by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), a state government organization fell victim to a cyber breach facilitated by the misuse of ex-employee credentials. The US ...
Microsoft is a “Strategic Problem in the Security Space,” Says CEO
Richi Jennings | | Amit Yoran, azure, Azure Active Directory, Azure AD, Azure security, Microsoft, Microsoft Azure, Microsoft Azure Active Directory, Microsoft Azure Security, SB Blogwatch, Tenable
Fist of FAIL: Tenable CEO Amit Yoran has had enough—and he’s not gonna take it anymore. Satya Nadella (pictured) can’t be happy ...
Security Boulevard
‘China’ Azure Breach: MUCH Worse Than Microsoft Said
Richi Jennings | | Active Directory, Authentication, azure, Azure Active Directory, Azure AD, Entra ID, Exchange, Microsoft, Microsoft Azure, Microsoft Azure Active Directory, Microsoft Azure Security, OpenID, Outlook.com, SB Blogwatch, Storm-0558, Wiz
Storm-0558 Breaks: Satya and Pooh, sitting in a tree, K.I.S.S.I.N.G ...
Security Boulevard
China Breaches Microsoft Cloud — Spied on US Govt. Email
Richi Jennings | | Active Directory, Authentication, Azure Active Directory, Azure AD, Exchange, Microsoft, Outlook.com, SB Blogwatch, Storm-0558
Storm-0558 Brewing: Multiple Microsoft failures cause data leaks at State and Commerce depts., plus 23 other orgs ...
Security Boulevard
Azure Privilege Escalation via Azure API Permissions Abuse
Intro and Prior WorkMicrosoft’s Azure is a complicated system of principals, securable objects, and the various ways access is granted to those objects. Some privileged actions are tightly controlled by Azure AD roles, ...
Protecting BYOPC corporate access using conditional access
The advent of the Bring your own PC (BYOPC) era This has got to be the most popular phrase in IT blogs in the past year, but yeah, we noticed – 2020 ...