#azuread — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #azuread, aggregated by home.social.
-
If you're running Microsoft Entra Connect, consider upgrading to v2.6.79.0 soon, it patches undisclosed security vulnerabilities.
-
Ebola makes philosophers, outbreak makes heroes, #AzureAD makes sages.
-
⚠️ CRITICAL: CVE-2026-33843 in Microsoft Entra (Azure AD B2C) enables remote authentication bypass & privilege escalation. Patch released by Microsoft — confirm your cloud environment is updated. Details: https://radar.offseq.com/threat/cve-2026-33843-cwe-288-authentication-bypass-using-57b6f0a6 #OffSeq #AzureAD #Security #CVE202633843
-
🚨 CRITICAL: CVE-2026-33843 in Microsoft Entra (Azure AD B2C) allows remote auth bypass (CVSS 9.1). Patch released — Microsoft manages remediation. No known exploits. Check advisory & verify your cloud config. https://radar.offseq.com/threat/cve-2026-33843-cwe-288-authentication-bypass-using-57b6f0a6 #OffSeq #AzureAD #CloudSecurity #CVE202633843
-
🟦 Entra ID Backup. What you Need to Know!
Microsoft has added built in backup and restore to Entra ID — a big win for admins. 🔹
It creates automatic daily backups with five days of retention.
Backups cannot be disabled or deleted even by admins.
Restores cover users groups apps and policies enabling faster recovery and compliance.💡 Daily backups retained for five days
🔍 Restore users groups apps and policies
⚖️ Backups stored in tenant geo for complianceWant a short guide to get started?
#EntraID #IdentityBackup #AzureAD #CloudSecurity
▶︎https://www.hubsite365.com/en-ww/pro-office-365/?id=450758d2-b934-f111-88b4-00224882d634&topic=eb4ea787-ac86-ec11-93b0-6045bd8f31a1&theater=true -
🟦 Entra ID Backup. What you Need to Know!
Microsoft has added built in backup and restore to Entra ID — a big win for admins. 🔹
It creates automatic daily backups with five days of retention.
Backups cannot be disabled or deleted even by admins.
Restores cover users groups apps and policies enabling faster recovery and compliance.💡 Daily backups retained for five days
🔍 Restore users groups apps and policies
⚖️ Backups stored in tenant geo for complianceWant a short guide to get started?
#EntraID #IdentityBackup #AzureAD #CloudSecurity
▶︎https://www.hubsite365.com/en-ww/pro-office-365/?id=450758d2-b934-f111-88b4-00224882d634&topic=eb4ea787-ac86-ec11-93b0-6045bd8f31a1&theater=true -
RE: https://infosec.exchange/@merill/116188307859736132
Android Authenticator
Root Detection
🚨⚠️🚨⚠️🚨⚠️🚨⚠️
#MicrosoftAuthenticator on #Android
strictly blocks usage on rooted or
jailbroken devices.Relies on Google
Play Services;privacy-focused OS
distributions (e.g., #GrapheneOS)
lacking Play Services will be
completely blocked.THIS WONT MAKE EVERYONE HAPPY
-
RE: https://infosec.exchange/@merill/116188307859736132
Android Authenticator
Root Detection
🚨⚠️🚨⚠️🚨⚠️🚨⚠️
#MicrosoftAuthenticator on #Android
strictly blocks usage on rooted or
jailbroken devices.Relies on Google
Play Services;privacy-focused OS
distributions (e.g., #GrapheneOS)
lacking Play Services will be
completely blocked.THIS WONT MAKE EVERYONE HAPPY
-
⚠️ CVE-2026-2628: CRITICAL auth bypass in All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin (≤2.2.5). Attackers can access WP admin accounts with no credentials. Disable plugin or restrict logins until patched! https://radar.offseq.com/threat/cve-2026-2628-cwe-288-authentication-bypass-using--3ce6682b #OffSeq #WordPress #AzureAD
-
🟦 Entra ID Access Reviews — Beginner's Guide
New walkthrough demystifies Microsoft Entra ID Access Reviews and how they enforce least privilege 🚀
💡 Access review basics and workflow
🔍 Setup steps roles and scopes
⚖️ Automation recommendations and audit trailsWatch the video for a step by step demo and a preview of upcoming features. Requires Entra ID P2 or Governance licensing for full capabilities. What access review challenge are you tackling next?
-
🟦 Entra ID Access Reviews — Beginner's Guide
New walkthrough demystifies Microsoft Entra ID Access Reviews and how they enforce least privilege 🚀
💡 Access review basics and workflow
🔍 Setup steps roles and scopes
⚖️ Automation recommendations and audit trailsWatch the video for a step by step demo and a preview of upcoming features. Requires Entra ID P2 or Governance licensing for full capabilities. What access review challenge are you tackling next?
-
Lock down endpoints. Apply Conditional Access with device compliance checks—don’t trust unmanaged devices. #ZeroTrust #EndpointSecurity #AzureAD
-
Today, system and cloud administrators find themselves juggling speed and security. Infrastructure has never been more distributed: workloads run across data centers, cloud providers, containers, and remote endpoints. Managing access, maintaining visibility, and enforcing policies across all these systems is a daily challenge. Here's an introduction to Identity and Access Management (IAM) for administrators across OSs and cloud environments.
#IAM #Windows #AzureAD #Entr
https://negativepid.blog/understanding-iam-across-environments/ -
Today, system and cloud administrators find themselves juggling speed and security. Infrastructure has never been more distributed: workloads run across data centers, cloud providers, containers, and remote endpoints. Managing access, maintaining visibility, and enforcing policies across all these systems is a daily challenge. Here's an introduction to Identity and Access Management (IAM) for administrators across OSs and cloud environments.
#IAM #Windows #AzureAD #Entr
https://negativepid.blog/understanding-iam-across-environments/ -
Today, system and cloud administrators find themselves juggling speed and security. Infrastructure has never been more distributed: workloads run across data centers, cloud providers, containers, and remote endpoints. Managing access, maintaining visibility, and enforcing policies across all these systems is a daily challenge. Here's an introduction to Identity and Access Management (IAM) for administrators across OSs and cloud environments.
#IAM #Windows #AzureAD #Entr
https://negativepid.blog/understanding-iam-across-environments/ -
Today, system and cloud administrators find themselves juggling speed and security. Infrastructure has never been more distributed: workloads run across data centers, cloud providers, containers, and remote endpoints. Managing access, maintaining visibility, and enforcing policies across all these systems is a daily challenge. Here's an introduction to Identity and Access Management (IAM) for administrators across OSs and cloud environments.
#IAM #Windows #AzureAD #Entr
https://negativepid.blog/understanding-iam-across-environments/ -
🎤 On Stage in 5min 🎤 Track 1: @powers-hell.com Track 2: Jan-Hendrik Peters Track 3: @hcritter.bsky.social Track 4: Jonny Eskew #PowerShell #automation #Azure #DevOps #Microsoft365 #AzureAD #MSAL #MicrosoftGraph #Bicep
-
Microsoft Entra ID Exposed: Actor Token Flaw Enables Stealthy Global Admin Takeove https://thecyberexpress.com/cve-2025-55241-exposes-entra-id-admin-access/ #AzureActiveDirectory #TheCyberExpressNews #MicrosoftEntraID #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202555241 #CyberNews #AzureAD
-
Microsoft Entra ID Exposed: Actor Token Flaw Enables Stealthy Global Admin Takeove https://thecyberexpress.com/cve-2025-55241-exposes-entra-id-admin-access/ #AzureActiveDirectory #TheCyberExpressNews #MicrosoftEntraID #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202555241 #CyberNews #AzureAD
-
"While preparing for my Black Hat and DEF CON talks in July of this year, I found the most impactful #EntraID #vulnerability that I will probably ever find. This vulnerability could have allowed me to compromise every Entra ID tenant in the world (except probably those in national cloud deployments). If you are an Entra ID admin reading this, yes that means complete access to your tenant." 😲
https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/
#Microsoft #security #Cloud #Azure #AD #ActiveDirectory #AzureAD
-
"While preparing for my Black Hat and DEF CON talks in July of this year, I found the most impactful #EntraID #vulnerability that I will probably ever find. This vulnerability could have allowed me to compromise every Entra ID tenant in the world (except probably those in national cloud deployments). If you are an Entra ID admin reading this, yes that means complete access to your tenant." 😲
https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/
#Microsoft #security #Cloud #Azure #AD #ActiveDirectory #AzureAD
-
👋 It's Entra NOT Ontra 😂
Full episode at https://entra.news/p/from-active-directory-to-ai-agents
entra.chat
-
👋 It's Entra NOT Ontra 😂
Full episode at https://entra.news/p/from-active-directory-to-ai-agents
entra.chat
-
https://opensource.microsoft.com/blog/2022/01/18/announcing-azure-active-directory-azure-ad-workload-identity-for-kubernetes/ - authenticate #Kubernetes #pods to #AzureAD (now #Entra). Nice intro Anish Ramasekar.
-
🎙️ BIG NEWS: I'm launching Entra.Chat - the podcast identity pros have been waiting for!
After years in the identity trenches, I've seen a lot - the midnight calls, the authentication puzzles, and those "how is this even possible?" moments.
That's why I created EntraChat - to share the REAL stories behind Microsoft Entra deployments that you won't find in documentation.
My first episode drops TODAY with identity wizard Ben Wolfe, who reveals how his team migrated 700 apps and 30,000 users from Okta to Microsoft Entra in just 90 days (while implementing Windows Hello for Business simultaneously!)
I've already recorded amazing conversations with identity leaders who've solved problems you're probably facing right now. Their candid insights and battle-tested solutions might just save your next deployment!
Upcoming episodes include conversations with
❤️ Kuba Gretzky - Creator of EvilGinx
❤️ Martin Sandren - Product leader at Ikea
❤️ Dhanyah Krishnamoorthy - Product Manager, Microsoft Entra for Connect Sync and Cloud Sync
❤️ Samantha 🦚 Kloos-Kilkens -
❤️ Nathan McNulty - Fountain of knowledge on all things Microsoft SecurityWho's ready to level up their identity knowledge?
Drop a 💙 if you're as excited about this as I am!
Subscribe with your favourite podcast player:
🎧 Apple Podcast - https://podcasts.apple.com/us/podcast/entra-chat/id1801200012🎧 Spotify - https://open.spotify.com/show/2lJSWBTmMWWn4f9u75JvHY
📺 YouTube - https://www.youtube.com/@merillx/podcasts
🎧 Pocketcast - https://pca.st/10oii6uv
🎧 Overcast - https://overcast.fm/itunes1801200012
🎧 Other podcast apps (rss) - https://api.substack.com/feed/podcast/1804560/private/17af4edf-5946-4494-a05a-ac8693ba426d.rss
Episode 1: https://entra.news/p/from-okta-to-entra-migrating-700
#MicrosoftEntra #IdentityManagement #TechPodcast #AzureAD #CloudSecurity
-
Report Active Directory Accounts that are Synchronized with Azure AD http://dlvr.it/TJL2Zs via PlanetPowerShell #ActiveDirectory #AzureAD #PowerShell #ADConnect
-
02-14-2025 MSOnline and AzureAD PowerShell modules.. One last Valentine’s day card each http://dlvr.it/TJ02dV via PlanetPowerShell #ValentinesDay #MSOnline #AzureAD #PowerShell
-
Microsoft Entra PowerShell modules http://dlvr.it/THs8jn via PlanetPowerShell #MicrosoftEntra #PowerShell #AzureAD #CloudComputing
-
Microsoft Entra PowerShell modules http://dlvr.it/THj3GY via PlanetPowerShell #Microsoft #Entra #PowerShell #AzureAD
-
A widespread error has hit Microsoft 365, deactivating licenses in Office apps. Learn about the causes and how to fix it. #Microsoft365 #Office365 #MicrosoftOffice #Word #Excel #Outlook #AzureAD #Windows #Microsoft
https://winbuzzer.com/2024/12/20/microsoft-365-license-bug-locked-you-out-try-this-workaround-xcxwbn
-
Some Graph API fun today.
The Graph API knows `applications` (https://learn.microsoft.com/en-us/graph/api/resources/application) and `servicePrincipals` (https://learn.microsoft.com/en-us/graph/api/resources/serviceprincipal).
The Azure Portal knows `App Registrations` and `Enterprise Applications`.
App Registrations (Portal) = applications (Graph API)
Enterprise Applications (Portal) = servicePrincipals (Graph API)Applications (App Registrations) and servicePrincipals (Enterprise Applications) have a unique, individual `ObjectId` but the ones that belong together hold the same `ApplicationId` which glues them together.
Fortunately, the Graph API documentation is clear and relatively consistent on what is expected for requesting an object - either the `objectId` or the `applicationId`:
```
GET /servicePrincipals/{id}
GET /servicePrincipals(appId='{appId}')
GET /applications/{applicationObjectId}
GET /applications(appId='{appId}')
```When searching for servicePrincipals (Enterprise Applications) in the portal, it is not that clear since the terms are mixed up a bit.
-
https://dev.to/kasuken/securing-a-blazor-webassembly-hosted-apps-with-azure-active-directory-part-1-382d - putting an app behind #AzureAD (now #Entra ID). Nice walk-through https://www.linkedin.com/in/emanuelebartolesi/.
-
#AzureAD #Entra #EntraID Entra ID Tenant ID & Custom Domains PowerShell Module http://dlvr.it/TFhVtv via PlanetPowerShell
-
Abusing Family Refresh Tokens for Unauthorized Access and Persistence in Azure Active Directory - https://github.com/secureworks/family-of-client-ids-research #redteam #azuread
-
Attn Microsoft 365 & Entra ID admins:
Entra ID Connect Sync service needs to be upgraded to the minimum req'd version of 2.3.2 by Sept 23rd, 2024 to avoid disruption to auto-upgrade & alerting functionality.
Yes, in 2 weeks. Final warning.
https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/security-updates-pks
#entraid #azuread #microsoft365 #microsoft #msftadvocate #entraconnect
-
What are your biggest Entra (AzureAD) Conditional Access questions or pain points? I'm working on a giant Conditional Access post for the #TrustedSec blog -- would welcome your inputs!
#Microsoft #Entra #AzureAD #Azure #ConditionalAccess #conditionalaccesspolicies -
After 9 years in #azuread / #EntraID CxE I've decided to take on a new role at #Microsoft. I'll be joining the Global Hunting, Oversight and Strategic Triage team, also known as GHOST as a security researcher. I'm excited for the change and very much up for the new challenges in this space. #infosec
-
𝐄𝐱𝐩𝐥𝐨𝐫𝐢𝐧𝐠 𝐭𝐡𝐞 𝐧𝐞𝐰 𝐈𝐓𝐃𝐑 𝐞𝐱𝐩𝐞𝐫𝐢𝐞𝐧𝐜𝐞 𝐰𝐢𝐭𝐡𝐢𝐧 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫
The new ITDR dashboard is designed to provide SOC professionals with a single, prioritized view of Identity-specific security information and recommendations.
For more information, see:
#itdr #defender #defenderxdr #identity #security #microsoft #microsoftsecurity #mdi #entraid #azuread #Identitythreatdetection #cloud #cloudsecurity #soc #cloudnative
-
heise-Angebot: iX-Sonderheft "Sicheres Active Directory" jetzt auch am Kiosk
Das Active Directory ist der Dreh- und Angelpunkt bei Ransomware-Angriffen. Wie man es absichert, zeigt das neue iX kompakt auf über 170 Seiten.
iX-Sonderheft "Sicheres Active Directory" jetzt auch am Kiosk -
heise-Angebot: iX-Sonderheft "Sicheres Active Directory" ist da
Das Active Directory ist der Dreh- und Angelpunkt bei Ransomware-Angriffen. Wie man es absichert, zeigt das neue iX kompakt auf über 170 Seiten.
iX-Sonderheft "Sicheres Active Directory" ist da