conditional access

A newly surfaced cybersecurity threat has put over 130,000 devices under the control of a sophisticated botnet, leveraging these compromised endpoints to mount large-scale password spraying attacks against Microsoft 365 accounts. This troubling development, uncovered by SecurityScorecard’s...

If you’ve already started mentally composing your next big idea in Outlook, you might want to hit “Save as Draft” for a moment—there’s a new cyberattack in town, and it’s got your Microsoft 365 credentials written all over it... possibly in Cyrillic. A New Breed of Phishing: Sophisticated Social...

Seven years ago, when Microsoft began its journey towards a Zero Trust security model, “trust but verify” was tossed out the window like an old Clippy paperclip, and “never trust, always verify” took its place. If you’re picturing a fortress of firewalls and VPN tunnels coiled around Microsoft’s...

Microsoft 365 users—especially those with links to Ukraine or human rights circles—have recently been finding themselves the unwitting stars in an international cyber-thriller: Russian-linked hackers are back, and this time, they've upgraded from phishing Netflix logins to abusing Microsoft's...

If you’re still shuffling VPN connection profiles like a deck of cards every Monday morning, you might want to sit down—because everything you thought you knew about “secure remote access” is in for a major rethink. VPNs: The Ancient Relic That Won’t Retire Let’s face it: the humble VPN has been...

Feeling nostalgic for those halcyon days when logging into your enterprise apps felt optional? Well, savor the memory—Microsoft just flipped the script. In its ongoing tug-of-war with shadowy cyber villains, the tech giant has unleashed the “Reauthentication Every Time Policy” for Entra ID, an...

It started like any other IT administrator weekend — a faint promise of “maybe nothing will break this time.” And then, in the digital hush of an ordinary Saturday, it happened: Microsoft Entra users across the globe found themselves facing the virtual equivalent of a locked door with no key and...

The US Department of Labor’s (DOL) ambitious move toward Zero Trust security demonstrates how government agencies can harness modern identity management to improve cybersecurity while streamlining user access. Over the past several years, Microsoft has supported federal and state organizations...

Microsoft’s latest Entra updates are turning the tables on cyber threats by harnessing artificial intelligence to redefine identity security and streamline policy management. In an era where generative AI applications are both a remarkable asset and an emerging vulnerability, these enhancements...

Cyber threats are evolving—and so must our defenses. A recent investigation by Infosecurity Magazine has uncovered a massive Chinese-affiliated botnet that is bypassing multifactor authentication (MFA) in Microsoft 365 (M365) environments. With over 130,000 compromised devices at its disposal...

In today’s digital battleground, where identity is the new perimeter, Microsoft Entra continues to be the frontline for securing your organization’s most valuable asset—its users. In the latest roundup, Entra.News has shone a spotlight on some alarming developments, most notably the emerging...

In the ever-evolving world of cybersecurity, Microsoft Entra ID has taken a major leap forward with the introduction of "protected actions." This innovative feature is designed to secure Entra ID by mitigating the risks associated with unauthorized hard deletions of user accounts—a critical...

In a stunning demonstration of the evolving cyber threat landscape, multiple Russian nation-state actors are now leveraging a novel phishing technique against Microsoft 365 accounts. This device code authentication phishing campaign, dissected in detail by cybersecurity firm Volexity...

Well, Windows enthusiasts and cybersecurity geeks, gather round, because there's a new player in the world of vulnerabilities that is ready to make a mockery of your hard-earned fortified defenses. This newly uncovered Achilles' heel, ominously dubbed "G-Door", lets cyber miscreants parade right...

Hello Windows Insiders, today we are releasing Build 19044.1499 (21H2) (KB5009596) to the Release Preview Channel for those Insiders who are on Windows 10. This update includes the following improvements: We fixed an issue in Microsoft UI Automation that might cause Microsoft Outlook to stop...

Hi guys, Our company’s environment consists of mostly Win10 machines but we still have some lingering Win7 boxes. Our email is hosted by Office 365 and I’ve recently hopped onto the Azure Active Directory wagon to get our environment more secure. Off the bat I was having troubles adding our...

Our mission is to empower every person and every organization on the planet to achieve more. A trusted and secure computing environment is a critical component of our approach. When we introduced Windows Defender Advanced Threat Protection (ATP) more than two years ago, our target was to...