Bleeping Computer

Microsoft will roll out MFA-enforcing policies for admin portal access

Microsoft will soon start rolling out Conditional Access policies requiring multifactor authentication (MFA) from administrators when signing into Microsoft admin portals such as Microsoft Entra, ...
Cybernews

One-click disaster: Microsoft’s Entra tokens can grant access to corporate emails, and that’s a problem

Attackers are targeting OAuth tokens to access emails. Learn how ChatGPT permissions highlight risks for Microsoft Entra tenants.
IT News For Australia Business

Actor auth tokens gave Global Admin access across Azure Entra ID tenants

A Dutch security researcher has published an indepth analysis of a critical vulnerability that could have allowed attackers to compromise every Microsoft Entra ID tenant worldwide through a ...
Bleeping Computer

Microsoft Entra ID flaw allowed hijacking any company's tenant

A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every company in the world. The fatal mix included undocumented tokens called “actor ...