Microsoft this week announced that its Azure Active Directory Certificate-Based Authentication (CBA) scheme for "phishing-resistant" authentications is now commercially released and ready for use with ...

Just a day after Microsoft announced its new Entra cloud identity services portfolio, one of Entra's core products suffered wobbly performance for more than 12 hours. Microsoft warned that users of ...

Microsoft announced on Thursday that it now permits organizations using different Microsoft hosted cloud services products to collaborate, if that's mutually agreed, after performing some setup steps.

Microsoft Corp. today announced that its long-lived and much-loved identity and access management service Azure Active Directory is being rebranded, and will henceforth be known as Microsoft Entra ID.

Hybrid cloud identity and access management services add complexity and opportunity for attackers to network authentication processes, as recently demonstrated for Azure AD. It’s been common knowledge ...

This is not a new issue. I can remember teaching eager students 20 years ago about forest trust in Active Directory and all the options that were available for controlling which users had access to ...

Researchers at Secureworks’ Counter Threat Unit (CTU) have warned of a new and potentially serious vulnerability affecting the pass-through authentication (PTA) hybrid identity authentication method ...

Microsoft says it still doesn't know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen ...

A new proof of concept shows that attackers can use Azure AD CTS to leap to Microsoft and non-Microsoft application across tenants. Lateral movement techniques have been a critical component of ...