Hot Topics

‘China’ Azure Breach: MUCH Worse Than Microsoft Said

Richi Jennings | July 24, 2023 | Active Directory, Authentication, azure, Azure Active Directory, Azure AD, Entra ID, Exchange, Microsoft, Microsoft Azure, Microsoft Azure Active Directory, Microsoft Azure Security, OpenID, Outlook.com, SB Blogwatch, Storm-0558, Wiz

Storm-0558 Breaks: Satya and Pooh, sitting in a tree, K.I.S.S.I.N.G ...

Security Boulevard

China Breaches Microsoft Cloud — Spied on US Govt. Email

Richi Jennings | July 13, 2023 | Active Directory, Authentication, Azure Active Directory, Azure AD, Exchange, Microsoft, Outlook.com, SB Blogwatch, Storm-0558

Storm-0558 Brewing: Multiple Microsoft failures cause data leaks at State and Commerce depts., plus 23 other orgs ...

Security Boulevard

Azure Privilege Escalation via Azure API Permissions Abuse

Andy Robbins | December 1, 2021 | azure, Azure Active Directory, azure-app-service, cloud computing, security

Intro and Prior WorkMicrosoft’s Azure is a complicated system of principals, securable objects, and the various ways access is granted to those objects. Some privileged actions are tightly controlled by Azure AD roles, ...

Posts By SpecterOps Team Members - Medium

Protecting BYOPC corporate access using conditional access

Yan Aksenfeld | February 11, 2021 | Azure Active Directory, byod, BYOPC, Conditional Access

The advent of the Bring your own PC (BYOPC) era This has got to be the most popular phrase in IT blogs in the past year, but yeah, we noticed – 2020 ...

Blog – Hysolate