CSOonline

Microsoft Entra’s billing roles pose privilege escalation risks in Azure

Guest users with certain billing roles can create and own subscriptions, potentially gaining persistence and privilege escalation within an organization’s Azure environment. Threat actors can abuse ...
Bleeping Computer

Microsoft Entra account lockouts caused by user token logging mishap

Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens that were mistakenly logged into internal systems. On Saturday morning, ...
Geeky Gadgets

Microsoft 365 Guest Access: The Hidden Risks You Need to Know

Picture this: you’re collaborating with an external partner on a critical project, sharing files and ideas seamlessly through Microsoft 365. Everything is running smoothly—until you pause to consider ...
Bleeping Computer

New downgrade attack can bypass FIDO auth in Microsoft Entra ID

Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and ...
Geeky Gadgets

What is Microsoft Entra Suite and how can you use it?

This week Microsoft has announced the general availability of its new Microsoft Entra Suite, designed to provide the industry’s most comprehensive secure access solution for the workforce. Microsoft ...