mastodon uno admin Ha risposto nella discussione
Ricerche recenti
Opzioni di ricerca
Amministrato da:
#entraid
1 post1 partecipante0 post oggi
Das heise security Webinar: Gefährliche Voreinstellungen der Microsoft-Cloud
Microsoft Entra ID kommt mit gefährlichen Defaults. Wir zeigen, wo man unbedingt nachbessern muss. Und bis Mittwoch gibts das Webinar noch 20 Prozent reduziert.
heise online · Das heise security Webinar: Gefährliche Voreinstellungen der Microsoft-Cloud
Bringing Artificial Intelligence to Entra ID Conditional Access
The Conditional Access Optimization Agent is one of 6 Security Copilot agents unveiled by Microsoft on March 24, 2025. The idea is that the agent can optimize CA policies by observing the connectivity behavior within a tenant. The agent can suggest how to fill gaps in CA coverage, detect new users and apps, and generally be helpful. Is it worth it? Experience will tell…
https://office365itpros.com/2025/04/04/conditional-access-optimization/
#EntraID
Office 365 for IT Pros · Conditional Access Optimization Agent Brings AI to CAThe Conditional Access Optimization Agent is one of 6 Security Copilot agents unveiled by Microsoft on March 24, 2025. The idea is to optimize CA policies.
It’s great to see @merill has launched his #podcast! It’s been fun listening to!
If you work in #entraid , or just like hearing about #iam - give it a listen.
https://podcasts.apple.com/gb/podcast/entra-chat/id1801200012
Apple PodcastsEntra.ChatTechnology Podcast · Updated weekly · Entra Chat is a weekly podcast hosted by Merill Fernando and delivers practical insights for Microsoft administrators and security professionals through conversations with identity experts who've been…
Blogged: ASP.NET Core delegated Microsoft OBO access token management (Entra only)
Software Engineering · ASP.NET Core delegated Microsoft OBO access token management (Entra only)This blog shows how to implement a delegated Microsoft On-Behalf-Of flow in ASP.NET Core, and has a focus on access token management. The solution uses Microsoft.Identity.Web to implement the diffe…
iX-Workshop: Effektive zentrale Authentifizierung mit Entra ID
Erfahren Sie, wie Sie Entra ID als Cloud-basierten Authentifizierungsdienst einsetzen und hybride Identitäten sicher verwalten.
heise online · iX-Workshop: Effektive zentrale Authentifizierung mit Entra ID
Practical Graph: Nag Users to Upgrade to a Strong Authentication Method
Convincing people to use MFA is one challenge. Convincing them to use a stronger authentication method than SMS is another. This article explains how to use PowerShell to find people still using SMS for MFA and send email to ask them to upgrade their authentication method.
https://practical365.com/upgrade-stronger-authentication-method-mfa/
#Microsoft365 #EntraID
Practical 365 · Practical Graph: Nag Users to Upgrade to a Strong Authentication MethodConvincing people to use MFA is one challenge. Convincing them to use a stronger authentication method than SMS is another. This article explains how to use PowerShell to find people still using SMS for MFA and send email to ask them to upgrade their authentication method.
iX-Workshop: Angriffe auf Entra ID abwehren
Lernen Sie, wie Sie Entra ID einschließlich Azure-Diensten härten und effektiv vor Angriffen schützen.
heise online · iX-Workshop: Angriffe auf Entra ID abwehren
Security-Webinar mit Frühbucherrabatt: Microsoft Entra ID – Dangerous Defaults
Microsofts Cloud-Angebote in Betrieb zu nehmen ist einfach – sie sicher zu betreiben, nicht. Wir erklären, wo und warum man unbedingt Hand anlegen muss.
heise online · Security-Webinar mit Frühbucherrabatt: Microsoft Entra ID – Dangerous Defaults
If you have access to manage #EntraID in your org, make sure the User Settings > #LinkedIn option is disabled. Else you’re giving away your company’s data and making an enemy of your Privacy team. This is ridiculous #Microsoft, you should be ashamed.
iX-Workshop: Effektive zentrale Authentifizierung mit Entra ID
Erfahren Sie, wie Sie Entra ID als Cloud-basierten Authentifizierungsdienst einsetzen und hybride Identitäten sicher verwalten.
heise online · iX-Workshop: Effektive zentrale Authentifizierung mit Entra ID
Blogged: Use client assertions in OpenID Connect and ASP.NET Core
https://damienbod.com/2025/02/24/use-client-assertions-in-openid-connect-and-asp-net-core/
Software Engineering · Use client assertions in OpenID Connect and ASP.NET CoreClient assertions is a method of client authentication which can be used in OpenID Connect. This provides an alternative to client secrets. This approach enhances security by using signed tokens (J…
Practical Graph: Exploring the Best Way to Control User Access to Entra ID Apps
Most Microsoft 365 tenants have a collection of Entra ID apps to manage. One task might be to control access to Entra ID apps, so the question is how best to do this. Assignments for users and groups control the ability to use apps while custom app roles are there for developers to determine what a user can done when they run an app.
https://practical365.com/access-to-entra-id-apps/
#EntraID #Microsoft365
Practical 365 · Practical Graph: Exploring the Best Way to Control User Access to Entra ID AppsMost Microsoft 365 tenants have a collection of Entra ID apps to manage. One task might be to control access to Entra ID apps, so the question is how best to do this. Assignments for users and groups control the ability to use apps while custom app roles are there for developers to determine what a user can done when they run an app.
Really interesting article on this ransomware operators tactics, this part especially so:
“Early Warnings Suggest Entra Connect Is Next Target”
I think it’s worth your time to harden your Microsoft #EntraID Connect (formerly Azure AD Sync) configuration as this is not the first article I’ve seen noting attackers targeting your IAM infrastructure. #cybersecurity
From: @nopatience
https://swecyb.com/@nopatience/114023912775060407
Swedish Cyber Security CommunityChristoffer S. (@nopatience@swecyb.com)ReliaQuest Inside the World’s Fastest Rising Ransomware Operator - BlackLock https://www.reliaquest.com/blog/threat-spotlight-inside-the-worlds-fastest-rising-ransomware-operator-blacklock/
Somewhat of a deep dive into a relatively new RaaS (BlackLock), a very active group both on RAMP and with adding new victims to their leaksite. Employing significant amount of techniques to prevent analysis (also on their leaksite(!).
#Ransomware #CyberSecurity #ThreatIntel #BlackLock #ScreamingGoat
At this point, most organizations don’t need the old Azure AD Seamless SSO configuration as they use the more modern Entra ID Native or Hybrid join features. AFAIK the Seamless SSO feature was used to support Windows 8 and 2012 systems. If you don’t have any of those, you should be ok to disable this vulnerable feature. Here’s some documentation on how to do so:
#cybersecurity #EntraID #microsoft
From: @r1cksec
https://infosec.exchange/@r1cksec/114019481650636237
learn.microsoft.comTurning off Seamless single sign-on - AZUREADSSOACC - Seamless SSO object for Microsoft Entra Connect - Microsoft Q&AI need some help and guidance in Turning off Seamless single sign-on as we are already using Hybrid Azure AD / Entra ID with Password Hash Sync.
There is an AD object called AZUREADSSOACC - Seamless SSO object for Microsoft Entra Connect.
What will be…
If you are into #entraID and #iam - i highly recommend the https://entra.news/ #newsletter
@merill and Joshua do an amazing job at getting the latest news, tips, podcasts and content together in an easy to read and follow format.
entra.newsEntra.News - Your weekly dose of Microsoft Entra | Merill Fernando | SubstackEntra.News is the go-to newsletter for the latest updates & expert insights on Microsoft Entra. Curated from top sources like Microsoft & MVPs, it's trusted by IT Pros & enterprise security teams worldwide to stay ahead in identity & access management. Click to read Entra.News - Your weekly dose of Microsoft Entra, a Substack publication with tens of thousands of subscribers.
How to Use Bulk User Operations in Entra Admin Center
A new preview option in the Entra admin center supports the ability to update multiple Entra ID accounts. You can update properties, add managers and sponsors, update group membership, revoke account access, and so on. The only surprising thing about the new option is that it’s taken Microsoft so long to add it to the admin center.
https://office365itpros.com/2025/02/12/update-multiple-entra-id-accounts/
#Microsoft365 #EntraID
Office 365 for IT Pros · How to Update Multiple Entra ID Accounts in the Admin CenterA new preview option in the Entra admin center supports the ability to update multiple Entra ID accounts. You can update properties, add managers, and so on.
iX-Workshop: Angriffe auf Entra ID abwehren
Lernen Sie, wie Sie Entra ID einschließlich Azure-Diensten härten und effektiv vor Angriffen schützen.
heise online · iX-Workshop: Angriffe auf Entra ID abwehren
Use Protected Actions to Stop Attackers Hard-Deleting Entra ID Accounts
An article about the horrible devastation that an attacker can wreak inside a compromised Microsoft 365 tenant highlighted how protected actions can help by preventing attackers from being able to permanently remove user accounts unless they can pass additional authentication tests. Protected actions won’t stop attackers that have complete control over a tenant, but it might irritate them!
https://office365itpros.com/2025/02/11/entra-id-protected-action/
#EntraID #Microsoft365
Office 365 for IT Pros · Use Entra ID Protected Actions to Stop AttackersAn article about the horrible devastation that an attacker can wreak inside a compromised Microsoft 365 tenant highlighted how protected actions can help.
Is 'Get Manager (V2)’ failing you again? If a user has no manager, your flows crash! Time to switch to a new boss– Microsoft Graph API! The smarter, stress-free way to find your managers! #PowerPlatform #Power Automate #MicrosoftGraph #Automation #Microsoft365 #EntraID
http://elliskarim.com/2025/02/09/fire-get-manager-v2-in-power-automate-graph-api-is-the-new-boss/
Ellis Karim's Blog · Fire ‘Get Manager (V2)’ in Power Automate – Graph API is the New Boss!Frustrated with ‘Get Manager (V2)’ breaking your Power Automate flows? When a user has no manager in Entra ID, your flow crashes—again! It’s time to fire ‘Get Manager (V2)’ …