Redmond Magazine

Microsoft Details Attack Methods Using Azure AD Connect

Microsoft explained last week how purported nation-state attackers were able to "manipulate the Azure Active Directory (Azure AD) Connect agent," and then destroy a victim's Azure environment. The ...
Bleeping Computer

New Microsoft Azure AD CTS feature can be abused for lateral movement

Microsoft's new Azure Active Directory Cross-Tenant Synchronization (CTS) feature, introduced in June 2023, has created a new potential attack surface that might allow threat actors to more easily ...
Dark Reading

Azure AD 'Log in With Microsoft' Authentication Bypass Affects Thousands

Organizations that have implemented the "Log in with Microsoft" feature in their Microsoft Azure Active Directory environments could potentially be vulnerable to an authentication bypass that opens ...