identity security

For many IT administrators and security-conscious business leaders, the push towards robust multifactor authentication (MFA) in Microsoft 365 environments is both reassuring and occasionally frustrating. Microsoft’s aggressive promotion of its own Authenticator app, often transforming it from a...

Delegated Managed Service Accounts (dMSAs), unveiled with Windows Server 2025, represent a significant evolution in Microsoft’s approach to service account security. At their core, dMSAs are intended to solve long-standing operational challenges for enterprise IT while closing off familiar...

Microsoft’s Secure Future Initiative (SFI) represents the company’s most ambitious and transparent push yet to move Zero Trust security from theory to ubiquitous, real-world practice. For those charting the latest evolutions in enterprise security—Windows enthusiasts, IT professionals, business...

Microsoft's security landscape has reached a new milestone, with the BeyondTrust 2025 Microsoft Vulnerabilities Report documenting a record 1,360 vulnerabilities in 2024—a significant 11% increase from the previous peak in 2022. Key Findings from the 2025 Report: Elevation of Privilege (EoP)...

Microsoft is continuing its evolution of cloud-based identity management with the unveiling of OpenID Connect (OIDC) identity provider support for Entra External ID—a move poised to fundamentally reshape the way organizations blend security, scalability, and user experience in authentication...

Netwrix has recently unveiled significant enhancements to its 1Secure SaaS platform, introducing a new Data Security Posture Management (DSPM) solution tailored for Microsoft 365 environments. This development aims to bolster identity and data security by providing organizations with advanced...

Identity-based cyberattacks have rapidly emerged as one of the most pressing security challenges facing organizations in 2024 and beyond. As digital transformation accelerates, shifting workforces to remote and hybrid models and driving deeper cloud adoption, the boundaries that once defined...

Russian threat actors have once again raised the bar for cyber espionage, turning attention toward OAuth 2.0 authentication flows in Microsoft 365, hijacking accounts connected to Ukraine and human rights organizations. Their tactics, as uncovered by cybersecurity firm Volexity, fit into a...

If the relentless onslaught of over 600 million daily attacks on Microsoft Entra ID hasn’t made you lose sleep (or at least reach for another cup of coffee), then you probably weren’t aware of just how truly dire digital identity protection has become. But fear not, because Veeam Software, ever...

Arkose Labs, a leader in fraud prevention, has recently deepened its collaboration with Microsoft by participating in the Microsoft Security Copilot Partner Private Preview. This initiative aims to integrate Arkose Labs' advanced bot management solutions with Microsoft's AI-driven security...

In a world where cybersecurity threats loom like dark clouds on the horizon, Microsoft is making strides with its Secure Future Initiative. Launched to tackle critical security challenges that have put both businesses and government data at risk, this initiative aims to create a robust defensive...

If you’re a Microsoft user who already winces at the monthly rhythm of Patch Tuesday, brace yourself for a whiplash: 2024 has battered records, as the twelfth edition of the Microsoft Vulnerabilities Report delivers a not-so-sweet symphony—you guessed it—of 1,360 reported vulnerabilities. That’s...

North winds carry more than just Poland’s infamous cold: as March 2025 would have it, they swept in a fresh surge of NTLM hash theft, thrusting CVE-2025-24054 into the glaring spotlight of cybersecurity’s main stage. Weeks before most CIOs had even had their coffee, threat actors were already...

Record-Breaking Microsoft Vulnerabilities: The State of Digital Risk in 2024 The Microsoft Security Paradox: More Defenses, More Vulnerabilities In a world where our digital existence is increasingly entangled with complex software, even technology giants like Microsoft are not immune to a...

Microsoft Vulnerabilities in 2024: A Record-Breaking Year and What It Means for Users and Enterprises As the digital world continues to expand, the software that powers our daily lives grows increasingly complex—and so do its vulnerabilities. In 2024, Microsoft, a cornerstone of global computing...

Microsoft Vulnerabilities in 2024: A Deep Dive into the Record-Breaking Security Landscape The digital world continues to witness an unrelenting surge in cybersecurity threats, and the 12th Annual BeyondTrust Microsoft Vulnerabilities Report for 2024 has just raised the alarm louder than ever...

Microsoft Defender for Identity is stepping up its game by integrating with leading Privileged Access Management (PAM) solutions—a move that promises significant strides in enhancing security around privileged accounts. In today’s cybersecurity landscape, where threats often target accounts with...

Innovative Phishing Tactics Threaten Critical Infrastructure Russian state-backed APT group Storm-2372 has triggered a new alarm in the cybersecurity community by leveraging an ingenious form of device code phishing to sidestep multi-factor authentication (MFA). This sophisticated attack...

The rapid evolution of cloud environments and an explosion of both human and machine identities have compelled enterprises to reevaluate how they secure access to their critical resources. With Microsoft Entra Permissions Management set to retire on October 1, 2025, a fresh chapter in cloud...

In a bid to raise the bar on identity security, Microsoft is rolling out new, automatically deployed policies targeting a growing vulnerability: Device Code Flow attacks. Featured in the latest edition of Entra 🆔 News (#85), these updates mark another significant step in Microsoft’s ongoing...