#azureactivedirectory — Public Fediverse posts

Microsoft Entra ID Exposed: Actor Token Flaw Enables Stealthy Global Admin Takeove https://thecyberexpress.com/cve-2025-55241-exposes-entra-id-admin-access/ #AzureActiveDirectory #TheCyberExpressNews #MicrosoftEntraID #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202555241 #CyberNews #AzureAD

𝐑𝐞𝐦𝐞𝐝𝐢𝐚𝐭𝐞 𝐔𝐬𝐞𝐫 𝐑𝐢𝐬𝐤𝐬 𝐢𝐧 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐄𝐧𝐭𝐫𝐚 𝐈𝐃 𝐏𝐫𝐨𝐭𝐞𝐜𝐭𝐢𝐨𝐧 𝐓𝐡𝐫𝐨𝐮𝐠𝐡 𝐎𝐧-𝐩𝐫𝐞𝐦𝐢𝐬𝐞𝐬 𝐏𝐚𝐬𝐬𝐰𝐨𝐫𝐝 𝐂𝐡𝐚𝐧𝐠𝐞𝐬

While we recommend mastering password changes in Entra ID to take advantage of Password Protection, hybrid customers who do password changes on-premises can now use the new setting called "Allow on-premises password change to reset user risk"

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/remediate-user-risks-in-microsoft-entra-id-protection-through-on/ba-p/3773129

#entraid #azuread #azure #idp #identityprotection #passwordchange #passwordprotection #identityrisk #soc #identity #cybersecurity #zerotrust #azureactivedirectory #hybrididentity #hybrid #identityprotection #microsoft #microsoftsecurity

If you've been living under the impression that 100% of all configuration changes in Entra ID are audited or audited to a degree of value... you'd be wrong.

From a recent bit of analysis in what's in, or, what's not in, Entra ID audit logs, I've written up some findings and thoughts.

#entra #EntraID #aad #azuread #azureactivedirectory #m365 #mvpbuzz #microsoft #infosec #identitysecurity #azure

https://ericonidentity.com/2023/08/29/dude-wheres-my-audit-logs/

The nasty hack ‘by #China’ I covered 11 days ago is even nastier than we were told. Far from being limited to a couple of email apps, the hackers stole a key cracking open any #AzureActiveDirectory (AAD) mixed-audience, multi-tenant application. People are using words like “shoddy” and “fiasco.”

BTW, AAD recently suffered a bizarre rebrand as #EntraID. In today’s #SBBlogwatch, we wonder if these two events are connected. At #TechstrongGroup’s #SecurityBlvd: https://securityboulevard.com/2023/07/azure-breach-worse-richixbw/?utm_source=richisoc

Announcing General Availability of Authenticator Lite (in Outlook)

"Authenticator Lite (in Outlook) expands the opportunity to convert users by bringing the enhanced security of push notifications to devices that have not yet downloaded the Microsoft Authenticator App. "

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/announcing-general-availability-of-authenticator-lite-in-outlook/ba-p/3773136

#microsoft #security #mfa #entra #azuread #azureactivedirectory #authenticatorapp #outlook #phone #azure #microsoftsecurity #identity #idp #authentication #cloud #cloudnative #ios #android #mobile

Azure AD Certificate-Based Authentication (CBA) on Mobile now Generally Available!

You can now provision certificates on a hardware security key, which can then be used for authentication with Azure AD on iOS and Android devices. Microsoft's mobile certificate-based solution coupled with the hardware security keys is a simple, convenient, Federal Information Processing Standards (FIPS) certified phishing-resistant MFA method. 

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/azure-ad-certificate-based-authentication-cba-on-mobile-now/ba-p/1144695

#microsoft #azure #security #android #hardware #ios #fido2 #mfa #cba #certificatebasedauthentication #phishing #msal #yubikey #certificate #azureactivedirectory #azuread #iam #nfc #microsoftentra #security #identity #identitysecurity #cloudsecurity #identityprovider

Azure AD Certificate-Based Authentication (CBA) on Mobile now Generally Available!

You can now provision certificates on a hardware security key, which can then be used for authentication with Azure AD on iOS and Android devices. Microsoft's mobile certificate-based solution coupled with the hardware security keys is a simple, convenient, Federal Information Processing Standards (FIPS) certified phishing-resistant MFA method. 

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/azure-ad-certificate-based-authentication-cba-on-mobile-now/ba-p/1144695

#microsoft #azure #security #android #hardware #ios #fido2 #mfa #cba #certificatebasedauthentication #phishing #msal #yubikey #certificate #azureactivedirectory #azuread #iam #nfc #microsoftentra #security #identity #identitysecurity #cloudsecurity #identityprovider

Azure AD Certificate-Based Authentication (CBA) on Mobile now Generally Available!

You can now provision certificates on a hardware security key, which can then be used for authentication with Azure AD on iOS and Android devices. Microsoft's mobile certificate-based solution coupled with the hardware security keys is a simple, convenient, Federal Information Processing Standards (FIPS) certified phishing-resistant MFA method. 

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/azure-ad-certificate-based-authentication-cba-on-mobile-now/ba-p/1144695

#microsoft #azure #security #android #hardware #ios #fido2 #mfa #cba #certificatebasedauthentication #phishing #msal #yubikey #certificate #azureactivedirectory #azuread #iam #nfc #microsoftentra #security #identity #identitysecurity #cloudsecurity #identityprovider

Azure AD Certificate-Based Authentication (CBA) on Mobile now Generally Available!

You can now provision certificates on a hardware security key, which can then be used for authentication with Azure AD on iOS and Android devices. Microsoft's mobile certificate-based solution coupled with the hardware security keys is a simple, convenient, Federal Information Processing Standards (FIPS) certified phishing-resistant MFA method. 

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/azure-ad-certificate-based-authentication-cba-on-mobile-now/ba-p/1144695

#microsoft #azure #security #android #hardware #ios #fido2 #mfa #cba #certificatebasedauthentication #phishing #msal #yubikey #certificate #azureactivedirectory #azuread #iam #nfc #microsoftentra #security #identity #identitysecurity #cloudsecurity #identityprovider

Azure AD Certificate-Based Authentication (CBA) on Mobile now Generally Available!

You can now provision certificates on a hardware security key, which can then be used for authentication with Azure AD on iOS and Android devices. Microsoft's mobile certificate-based solution coupled with the hardware security keys is a simple, convenient, Federal Information Processing Standards (FIPS) certified phishing-resistant MFA method. 

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/azure-ad-certificate-based-authentication-cba-on-mobile-now/ba-p/1144695

#microsoft #azure #security #android #hardware #ios #fido2 #mfa #cba #certificatebasedauthentication #phishing #msal #yubikey #certificate #azureactivedirectory #azuread #iam #nfc #microsoftentra #security #identity #identitysecurity #cloudsecurity #identityprovider

📢 Find out new Microsoft Entra Features:

➡Identity security / protecting Identities

🔸 Azure AD Recommendations

🔸 More information on why a sign-in was flagged “unfamiliar”

➡Identity modernization

🔸Converged Authentication Methods

🔸Granular device management using custom roles

🔸Azure AD Single-Sign-On enhancements

🔸Attribute Name format for SAML claims

🔸Apply RegEx Replace to the group claim content

🔸Multiple instances of the same application (IDP- and SP-initiated)

🔸 Persistent NameID for IDP-initiated apps

🔸AD FS migration advisor in Microsoft 365 admin center

➡Identity Governance

🔸New SCIM connector for ServiceNow

🔸Provisioning insights workbook

🔸 Expanding Privileged Identity Management (PIM) role activation across the Azure portal

➡Identity for multicloud

🔸Workload Identity Federation for Managed Identities

➡Passwordless

🔸Multiple Passwordless Phone Sign-in for iOS devices

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/new-microsoft-entra-features-now-available/ba-p/2967447

#microsoft #azure #security #entra #azuread #azureactivedirectory #aad #epm #identity #pim #multicloud #passwordless #ios #saml #servicenow #sso #singlesignon #cloudidentity #governance #identitygovernance #iam #iag #microsoft365 #microsoft365defender

Whether you're fresh to #Azure or #AzureAD, or have been around the block for a while, understanding the tenant to subscription relationship can be a tricky thing.

In this post we'll try to gain a better understanding with a mix of analogies and visuals.

#mvpbuzz #aad #azureactivedirectory #azuresecurity #entra #identity

https://ericonidentity.com/2023/01/29/azure-ad-101-azure-subscription-relationship

IPv6 Coming to Azure AD.
Microsoft will begin introducing IPv6 support into Azure AD services in a phased approach, starting March 31st, 2023.

https://lnkd.in/dYnz7k4f
#microsoft #ipv6 #azure #azure #azuread #azureactivedirectory #ipv4 #conditionalaccess #microsoftentra #identity #identityprovider #idp #iam #iag

I was asked recently to help provide my experiences with migration from federated to cloud authentication with #AzureAD.

While I may not work in a consulting role these days, I wanted to share my learnings working with customers, and included some solid community advice.

#aad #entra #azure #azureactivedirectory #adfs

https://ericonidentity.com/2022/12/01/field-notes-migration-from-federation-to-cloud-authentication/