Dark Reading

Rogue Azure AD Guests Can Steal Data via Power Apps

Guest accounts in Azure AD (AAD) are meant to provide limited access to corporate resources for external third parties — the idea is to enable collaboration without risking too much exposure. But ...
CSOonline

How Azure Active Directory opens new authentication risks

Hybrid cloud identity and access management services add complexity and opportunity for attackers to network authentication processes, as recently demonstrated for Azure AD. It’s been common knowledge ...
Redmond Magazine

Microsoft Bringing Inactive Account Removals and Default Security to Azure Active Directory Users

Microsoft announced a couple of Azure Active Directory security enhancements this week. Microsoft is previewing the ability to allow IT pros to remove inactive user accounts for organizations that use ...
Bleeping Computer

Microsoft fixes Azure AD auth flaw enabling account takeover

Microsoft has addressed an Azure Active Directory (Azure AD) authentication flaw that could allow threat actors to escalate privileges and potentially fully take over the target's account. This ...
Security Boulevard

Shadow Admins in Active Directory: Hidden Privilege Paths Attackers Exploit

What Are Shadow Admins in AD? A common problem we encounter within many customer AD environments are accounts that, at first ...
MCPmag

Azure Active Directory Role-Based Controls Expanded

Microsoft outlined some increased flexibility IT pros will have when it comes to Azure Active Directory's role-based access. The added flexibility is for the Azure AD Identity Protection service, ...