English
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#azureadsecurity search results

ManageEngineIAM's profile picture. @ManageEngine's suite of solutions for identity and access management. A division of @Zoho corp.
ManageEngine IAM
 @ManageEngineIAM
Sep 28, 2021

Migrating to the Azure? Learn how to secure your Azure AD: zcu.io/kHxO #AzureADsecurity #cybersecurity #ITSec

ManageEngineIAM's tweet image. Migrating to the Azure? Learn how to secure your Azure AD: zcu.io/kHxO #AzureADsecurity #cybersecurity #ITSec
0
0
0
0
0
MyCloud_Service's profile picture. Elevate your brand with MyCloud Services. Build and expand your company with our fully white-labeled suite of profitable and scalable cloud solutions.
MyCloud Services
@MyCloud_Service
Jan 10, 2023

Is Azure AD password protection enough? While it is better than nothing there are flaws in this Microsoft feature that leave businesses who rely on it vulnerable to attack. Learn more: bit.ly/3QKi3tf #azureadsecurity

MyCloud_Service's tweet image. Is Azure AD password protection enough? While it is better than nothing there are flaws in this Microsoft feature that leave businesses who rely on it vulnerable to attack. Learn more: bit.ly/3QKi3tf #azureadsecurity
0
0
0
0
22
emiliensocchi's profile picture. Passionate security researcher and professional #EntraID #Azure #GCP #Kubernetes | Sharing technical tips and ideas
Emilien Socchi
 @emiliensocchi
Nov 14, 2022

A friend has published research demonstrating that #PrivilegedIdentityManagement (PIM) does 𝙣𝙤𝙩 mitigate the impact of a compromised user via their refresh token: #AzureAD #AzureADSecurity #M365 #Azure TL;DR in 🧵 (1/7)

CodyBurkard's profile picture. Security researcher specializing in Entra, Azure and application security
Cody Burkard
 @CodyBurkard
Nov 11, 2022

I've been fielding some questions recently regarding this, and if it's worth using PIM at all in light of my writeup from earlier this year - codyburkard.com/blog/jitprivil…. In short, an attacker can fairly easily bypass PIM MFA and approver requirements.

codyburkard.com

Just-in-time privilege escalation - A silver token for bypassing PIM

Just-in-time privilege escalation - A silver token for bypassing PIM

Source: codyburkard.com
1
11
14
8
0
1
18
66
53
0
emiliensocchi's profile picture. Passionate security researcher and professional #EntraID #Azure #GCP #Kubernetes | Sharing technical tips and ideas
Emilien Socchi
 @emiliensocchi
Jan 19, 2023

Awesome research from @Secureworks! Congrats on the finding and thank you for sharing details 👇 #AzureAd #AzureAdSecurity

SantasaloJoosua's profile picture. DadOf2,Security researcher@Secureworks, Azure MVP,MSRC Top100 MVR23,Node.js Certified (JSNSD),Azure Security enthusiast,blogs @(https://t.co/QYYm1988cA)
Joosua Santasalo
 @SantasaloJoosua
Jan 18, 2023

1/2 - Our team @Secureworks discovered flaw which allowed persistence of user assignment on SAML Apps via backdoor OAuth2 App after the assignment was removed. The Flaw could be abused by chaining the backdoor app in specific flow combination secureworks.com/research/azure…

1
22
49
6
17K
1
2
5
0
1K
emiliensocchi's profile picture. Passionate security researcher and professional #EntraID #Azure #GCP #Kubernetes | Sharing technical tips and ideas
Emilien Socchi
 @emiliensocchi
Oct 28, 2022

Always ensure the lifecycle of an App Registration’s redirect URI is the same as the Azure resource it points to. Wondering why? 👇 #AzureAD #AzureADSecurity

1
0
0
0
0
emiliensocchi's profile picture. Passionate security researcher and professional #EntraID #Azure #GCP #Kubernetes | Sharing technical tips and ideas
Emilien Socchi
 @emiliensocchi
Feb 11, 2023

That's why you don't sync on-prem service accounts with #AzureAd 👇 #AzureADSecurity #M365 #Kerberos #AzureAdConnect #pentest #pentesting

rootsecdev's profile picture. Senior Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.
rootsecdev
@rootsecdev
Feb 9, 2023

Are you using Azure Seamless SSO? Want to know how to impersonate cloud users (think service accounts) via Kerberos after stealing the SSO machine account hash. I got you covered. trustedsec.com/blog/azure-ad-…

rootsecdev's tweet card. Figure 1 - SSO Machine Account NTLM Extraction To confirm Azure SSO was in use in this hybrid environment, AADInternals was used to perform reconnaissance…
Azure AD Kerberos Tickets: Pivoting to the Cloud
Source: trustedsec.com
5
113
337
170
119K
0
0
1
0
353
nickodonnell_'s profile picture. @DakotaState Cyber Security Alum ⬡ | Lead Cyber/Cloud Security Engineer ☁️ | IT Sys Admin 👨‍💻
Nick O'Donnell
 @nickodonnell_
Sep 23, 2023

Transferring @Microsoft Authenticator tokens is by far the worst part about getting a new phone. Especially when you have 15 Azure AD accounts to re-register... The backup helps but you still have to go one-by-one. 🫠 #AzureADSecurity #MSAuthenticator

1
0
1
0
284
nickodonnell_'s profile picture. @DakotaState Cyber Security Alum ⬡ | Lead Cyber/Cloud Security Engineer ☁️ | IT Sys Admin 👨‍💻
Nick O'Donnell
 @nickodonnell_
Sep 23, 2023

Transferring @Microsoft Authenticator tokens is by far the worst part about getting a new phone. Especially when you have 15 Azure AD accounts to re-register... The backup helps but you still have to go one-by-one. 🫠 #AzureADSecurity #MSAuthenticator

1
0
1
0
284
emiliensocchi's profile picture. Passionate security researcher and professional #EntraID #Azure #GCP #Kubernetes | Sharing technical tips and ideas
Emilien Socchi
 @emiliensocchi
Feb 11, 2023

That's why you don't sync on-prem service accounts with #AzureAd 👇 #AzureADSecurity #M365 #Kerberos #AzureAdConnect #pentest #pentesting

rootsecdev's profile picture. Senior Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.
rootsecdev
@rootsecdev
Feb 9, 2023

Are you using Azure Seamless SSO? Want to know how to impersonate cloud users (think service accounts) via Kerberos after stealing the SSO machine account hash. I got you covered. trustedsec.com/blog/azure-ad-…

rootsecdev's tweet card. Figure 1 - SSO Machine Account NTLM Extraction To confirm Azure SSO was in use in this hybrid environment, AADInternals was used to perform reconnaissance…
Azure AD Kerberos Tickets: Pivoting to the Cloud
Source: trustedsec.com
5
113
337
170
119K
0
0
1
0
353
emiliensocchi's profile picture. Passionate security researcher and professional #EntraID #Azure #GCP #Kubernetes | Sharing technical tips and ideas
Emilien Socchi
 @emiliensocchi
Jan 19, 2023

Awesome research from @Secureworks! Congrats on the finding and thank you for sharing details 👇 #AzureAd #AzureAdSecurity

SantasaloJoosua's profile picture. DadOf2,Security researcher@Secureworks, Azure MVP,MSRC Top100 MVR23,Node.js Certified (JSNSD),Azure Security enthusiast,blogs @(https://t.co/QYYm1988cA)
Joosua Santasalo
 @SantasaloJoosua
Jan 18, 2023

1/2 - Our team @Secureworks discovered flaw which allowed persistence of user assignment on SAML Apps via backdoor OAuth2 App after the assignment was removed. The Flaw could be abused by chaining the backdoor app in specific flow combination secureworks.com/research/azure…

1
22
49
6
17K
1
2
5
0
1K
MyCloud_Service's profile picture. Elevate your brand with MyCloud Services. Build and expand your company with our fully white-labeled suite of profitable and scalable cloud solutions.
MyCloud Services
@MyCloud_Service
Jan 10, 2023

Is Azure AD password protection enough? While it is better than nothing there are flaws in this Microsoft feature that leave businesses who rely on it vulnerable to attack. Learn more: bit.ly/3QKi3tf #azureadsecurity

MyCloud_Service's tweet image. Is Azure AD password protection enough? While it is better than nothing there are flaws in this Microsoft feature that leave businesses who rely on it vulnerable to attack. Learn more: bit.ly/3QKi3tf #azureadsecurity
0
0
0
0
22
emiliensocchi's profile picture. Passionate security researcher and professional #EntraID #Azure #GCP #Kubernetes | Sharing technical tips and ideas
Emilien Socchi
 @emiliensocchi
Nov 14, 2022

A friend has published research demonstrating that #PrivilegedIdentityManagement (PIM) does 𝙣𝙤𝙩 mitigate the impact of a compromised user via their refresh token: #AzureAD #AzureADSecurity #M365 #Azure TL;DR in 🧵 (1/7)

CodyBurkard's profile picture. Security researcher specializing in Entra, Azure and application security
Cody Burkard
 @CodyBurkard
Nov 11, 2022

I've been fielding some questions recently regarding this, and if it's worth using PIM at all in light of my writeup from earlier this year - codyburkard.com/blog/jitprivil…. In short, an attacker can fairly easily bypass PIM MFA and approver requirements.

codyburkard.com

Just-in-time privilege escalation - A silver token for bypassing PIM

Just-in-time privilege escalation - A silver token for bypassing PIM

Source: codyburkard.com
1
11
14
8
0
1
18
66
53
0
emiliensocchi's profile picture. Passionate security researcher and professional #EntraID #Azure #GCP #Kubernetes | Sharing technical tips and ideas
Emilien Socchi
 @emiliensocchi
Oct 28, 2022

Always ensure the lifecycle of an App Registration’s redirect URI is the same as the Azure resource it points to. Wondering why? 👇 #AzureAD #AzureADSecurity

1
0
0
0
0
ManageEngineIAM's profile picture. @ManageEngine's suite of solutions for identity and access management. A division of @Zoho corp.
ManageEngine IAM
 @ManageEngineIAM
Sep 28, 2021

Migrating to the Azure? Learn how to secure your Azure AD: zcu.io/kHxO #AzureADsecurity #cybersecurity #ITSec

ManageEngineIAM's tweet image. Migrating to the Azure? Learn how to secure your Azure AD: zcu.io/kHxO #AzureADsecurity #cybersecurity #ITSec
0
0
0
0
0
No results for "#azureadsecurity"
ManageEngineIAM's profile picture. @ManageEngine's suite of solutions for identity and access management. A division of @Zoho corp.
ManageEngine IAM
 @ManageEngineIAM
Sep 28, 2021

Migrating to the Azure? Learn how to secure your Azure AD: zcu.io/kHxO #AzureADsecurity #cybersecurity #ITSec

ManageEngineIAM's tweet image. Migrating to the Azure? Learn how to secure your Azure AD: zcu.io/kHxO #AzureADsecurity #cybersecurity #ITSec
0
0
0
0
0
MyCloud_Service's profile picture. Elevate your brand with MyCloud Services. Build and expand your company with our fully white-labeled suite of profitable and scalable cloud solutions.
MyCloud Services
@MyCloud_Service
Jan 10, 2023

Is Azure AD password protection enough? While it is better than nothing there are flaws in this Microsoft feature that leave businesses who rely on it vulnerable to attack. Learn more: bit.ly/3QKi3tf #azureadsecurity

MyCloud_Service's tweet image. Is Azure AD password protection enough? While it is better than nothing there are flaws in this Microsoft feature that leave businesses who rely on it vulnerable to attack. Learn more: bit.ly/3QKi3tf #azureadsecurity
0
0
0
0
22

Something went wrong.


Something went wrong.


United States Trends