Microsoft
Tax Scams Ramping Up as the April 15 Deadline Approaches
With the IRS deadline only weeks away, businesses and individuals are racing to get their taxes filed, and bad actors are doing what they can to keep pace with them. Both Microsoft ...
Security Boulevard
Best Practices for Securing Microsoft Copilot
Microsoft's Copilot is becoming a focal point for businesses seeking to revolutionize their operations and elevate productivity. Here's how to secure it ...
Security Boulevard
Russian Hackers Access Source Code in Ongoing Attack on Microsoft
The Russian state-sponsored bad actors who hacked into the corporate email accounts of executives at Microsoft are taking another run at the IT giant, this time using information stolen then to access ...
Security Boulevard
Russian Hackers Target Ukraine Via A Disinformation Campaign
Wajahat Raja | | Alexei Navalny, Callisto Group, COLDRIVER, credential harvesting, cyber warfare, Cybersecurity Measures, Cybersecurity News, disinformation campaign, ESET, Kyivstar, Microsoft, Operation Texonto, phishing campaign, Russian hackers, The Hacker News, The Record, Ukraine, Vladimir Putin
Disinformation campaigns play an important role in cyber warfare, and this is exactly what Russian hackers target Ukraine. After waging war on Ukraine on land, Russia is attacking the East European country ...
Browserless Entra Device Code Flow
Zugspitze, Bavaria, Germany. Photo by Andrew ChilesDid you know that it is possible to perform every step in Entra’s OAuth 2.0 Device Code flow — including the user authentication steps — without a browser?Why that matters:Automating authentication flows enables ...
SCCM Hierarchy Takeover with High Availability
TL;DR: SCCM sites configured to support high availability can be abused to compromise the entire hierarchyI previously wrote about how targeting site systems hosting the SMS Provider role can be used to ...
How ITDR Could Have Helped Microsoft in the Midnight Blizzard Hack
Rezonate | | identity management, Identity provider, ITDR, Market, Microsoft, Midnight Blizzard, research, security, Technical
Identity-based attacks are on the rise, but they can be prevented with the right identity threat detection and response (ITDR) measures. As winter crept in last year, so did identity threat actors ...
Breaking Bitlocker
Rick | | BitLocker, cpu, Crypto, drive encryption, encryption, Microsoft, Mobile Security, security, Windows
It was only a matter of time before someone did this. Bitlocker is Microsoft’s technique for encrypting a desktop, laptop, or other MS Windows device. We encrypt the device to protect the ...
Directory.ReadWrite.All Is Not As Powerful As You Might Think
Directory.ReadWrite.All is an MS Graph permission that is frequently cited as granting high amounts of privilege, even being equated to the Global Admin Entra ID role.Why it mattersAzure admins and security professionals may put ...
Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents
Beverly Nevalga, Sr. Content Marketing Manager @ AppOmni | | Blog, Cloudflare-Atlassian, identity, Microsoft, SaaS Security Posture Management
Learn about the vulnerabilities in major SaaS platforms brought to light from recent cybersecurity incidents. The post Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents appeared first on AppOmni ...