Bleeping Computer

Microsoft Entra account lockouts caused by user token logging mishap

Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens that were mistakenly logged into internal systems. On Saturday morning, ...
SiliconANGLE

New Barracuda backup tool extends Microsoft Entra ID data retention

Cybersecurity company Barracuda Networks Inc. today announced the launch of Barracuda Entra ID Backup Premium, a new solution to safeguard Microsoft Entra ID environments from accidental and malicious ...
Hosted on MSN

A Microsoft Entra security update is locking users out of their accounts

Some Entra ID accounts were being flagged as having compromised credentials Seems it was just Microsoft “inadvertently generat[ing] [false] alerts” However, users were getting different explanations ...
TechSpot

Microsoft patches critical Entra ID flaws that endangered millions of tenants

Facepalm: Microsoft Entra ID, formerly known as Azure Active Directory, is a cloud-based identity and access management solution. The directory-based system provides authentication for nearly all ...
Bleeping Computer

New downgrade attack can bypass FIDO auth in Microsoft Entra ID

Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and ...
Dark Reading

Sloppy Entra ID Credentials Attract Hybrid Cloud Ransomware

Adversaries have caught on to the complexity that cybersecurity teams face in securing hybrid cloud environments — the latest of which is a particularly odious group tracked as "Storm-0501," a ...
Dark Reading

'Cookie Bite' Entra ID Attack Exposes Microsoft 365

Attackers could exploit two key authentication cookies used by Azure Entra ID to bypass MFA and hijack legitimate user sessions — thus gaining persistent access to Entra ID-protected resources in ...