Azure Active Directory
Microsoft Entra ID: The Complete Guide to Conditional Access Policies
Here it is – everything you need to know about using Entra ID’s Conditional Access policies to boost your identity security posture. Microsoft Entra ID (formerly Azure Active Directory) is Microsoft’s cloud-based ...
US State Government Network Breach: Ex-Employee Logins Used
In a recent disclosure by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), a state government organization fell victim to a cyber breach facilitated by the misuse of ex-employee credentials. The US ...
Microsoft is a “Strategic Problem in the Security Space,” Says CEO
Fist of FAIL: Tenable CEO Amit Yoran has had enough—and he’s not gonna take it anymore. Satya Nadella (pictured) can’t be happy ...
‘China’ Azure Breach: MUCH Worse Than Microsoft Said
Storm-0558 Breaks: Satya and Pooh, sitting in a tree, K.I.S.S.I.N.G ...
China Breaches Microsoft Cloud — Spied on US Govt. Email
Storm-0558 Brewing: Multiple Microsoft failures cause data leaks at State and Commerce depts., plus 23 other orgs ...
Azure Privilege Escalation via Azure API Permissions Abuse
Intro and Prior WorkMicrosoft’s Azure is a complicated system of principals, securable objects, and the various ways access is granted to those objects. Some privileged actions are tightly controlled by Azure AD roles, ...
Protecting BYOPC corporate access using conditional access
The advent of the Bring your own PC (BYOPC) era This has got to be the most popular phrase in IT blogs in the past year, but yeah, we noticed – 2020 ...