Bleeping Computer

Microsoft Entra account lockouts caused by user token logging mishap

Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens that were mistakenly logged into internal systems. On Saturday morning, ...
Wired

This Microsoft Entra ID Vulnerability Could Have Been Catastrophic

As businesses around the world have shifted their digital infrastructure over the last decade from self-hosted servers to the cloud, they’ve benefitted from the standardized, built-in security ...
Redmond Magazine

Microsoft Entra API-Driven Provisioning Preview Eases HR App Integrations

Microsoft on Wednesday announced a preview of "Microsoft Entra API-driven provisioning," which promises to ease HR data sharing with Microsoft's identity and access management solutions. Specifically, ...
Dark Reading

Sloppy Entra ID Credentials Attract Hybrid Cloud Ransomware

Adversaries have caught on to the complexity that cybersecurity teams face in securing hybrid cloud environments — the latest of which is a particularly odious group tracked as "Storm-0501," a ...
Virtualization Review

Expert Explains Conditional Access and Zero Trust Implementation in Microsoft Entra

At today's online summit hosted by RedmondMag, titled "Cloud Control: Securing Access and Identity in the Microsoft SaaS Stack," longtime Microsoft MVP and Principal Cloud Architect Joey D'Antoni ...
Bleeping Computer

Password-spraying attacks target 80,000 Microsoft Entra ID accounts

Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide. The campaign started last December and ...