Microsoft this week announced that its Azure Active Directory Certificate-Based Authentication (CBA) scheme for "phishing-resistant" authentications is now commercially released and ready for use with ...

Microsoft on Thursday announced that Azure AD Graph APIs will stop processing application requests after Feb. 1. "Our next big milestone starts February 1st, when existing applications will be ...

Guest accounts in Azure AD (AAD) are meant to provide limited access to corporate resources for external third parties — the idea is to enable collaboration without risking too much exposure. But ...

Microsoft has addressed an Azure Active Directory (Azure AD) authentication flaw that could allow threat actors to escalate privileges and potentially fully take over the target's account. This ...

Microsoft Corp. today announced that its long-lived and much-loved identity and access management service Azure Active Directory is being rebranded, and will henceforth be known as Microsoft Entra ID.

Organizations that have implemented the "Log in with Microsoft" feature in their Microsoft Azure Active Directory environments could potentially be vulnerable to an authentication bypass that opens ...

What Are Shadow Admins in AD? A common problem we encounter within many customer AD environments are accounts that, at first ...

A new proof of concept shows that attackers can use Azure AD CTS to leap to Microsoft and non-Microsoft application across tenants. Lateral movement techniques have been a critical component of ...