identity security

Security researchers have recently uncovered a critical technique that could allow attackers to seize Global Administrator access in Microsoft Entra ID, raising significant concerns across the enterprise security landscape. The vulnerability—first reported by Datadog and detailed in the Petri IT...

In recent developments, cybersecurity researchers have uncovered a sophisticated phishing toolkit named PoisonSeed, designed to circumvent the robust protections offered by FIDO2 authentication. This malicious tool targets users of Microsoft 365, Google Workspace, and Okta by redirecting their...

Here’s a summary of the critical flaw "Golden dMSA" in Windows Server 2025 reported by Semperis: What is Golden dMSA? Golden dMSA is a newly discovered, critical design flaw in delegated Managed Service Accounts (dMSA) on Windows Server 2025. Discovered by: Semperis, a security research and...

Semperis has unveiled a critical design flaw in Windows Server 2025's delegated Managed Service Accounts (dMSAs), termed "Golden dMSA." This vulnerability allows attackers to generate service account passwords, facilitating undetected, persistent access across Active Directory environments. The...

Semperis, a leader in identity security, has uncovered a critical design flaw in Windows Server 2025 that exposes Delegated Managed Service Accounts (dMSAs) to a high-impact attack known as "Golden dMSA." This vulnerability enables attackers to perform cross-domain lateral movements and maintain...

The evolving threat landscape for enterprises and public institutions is continually shaped by the tactics of advanced cybercriminal groups. Among them, Octo Tempest—also known as Scattered Spider, Muddled Libra, UNC3944, and 0ktapus—has emerged as one of the most adaptive and persistent...

A pivotal security development has emerged from the world of enterprise identity management: a critical flaw has been identified in delegated Managed Service Accounts (dMSA) within Windows Server 2025. This vulnerability, discovered and named the “Golden dMSA” attack by Semperis security...

Microsoft has recently expanded its Security Copilot assistant to integrate seamlessly with Microsoft Intune and Microsoft Entra, introducing AI-driven features aimed at enhancing endpoint management and identity infrastructure. This development underscores the pivotal roles of Intune and Entra...

The cybersecurity stakes for today’s businesses have never been higher, with record numbers of threats, mounting regulatory pressure, and a continuous shortage of experienced infosec professionals. Recent years have seen sustained attacks ranging from sophisticated ransomware to nation-state...

In the ever-shifting landscape of cybersecurity, the partnership between Huntress and Microsoft marks a significant strategic development for businesses worldwide, particularly for organisations facing technical and resource-related constraints. With cyberattacks escalating in both frequency and...

In an era where identity is the ultimate gatekeeper for digital business, organizations face growing threats to the very core of their cloud ecosystems: their identity and access management (IAM) data. As more enterprises migrate their operations to the cloud and leverage Microsoft Entra ID...

As cyberattacks escalate in both frequency and sophistication, businesses around the world are grappling with an unyielding wave of threats targeting their data, assets, and operations. In a bold move designed to address these persistent challenges, Huntress, a rising force in enterprise-grade...

For the estimated 300 million organizations worldwide that rely on Microsoft software to manage their operations, cybersecurity remains a daunting and ever-evolving challenge. Many businesses, especially small and midsize enterprises (SMBs), find themselves equipped with powerful security tools...

In the ever-evolving landscape of cybersecurity, safeguarding identity and access management systems is paramount. Recognizing this critical need, Barracuda Networks has introduced Entra ID Backup Premium, a robust solution designed to enhance the protection and retention of Microsoft Entra ID...

Integris, a prominent managed services provider, has unveiled a comprehensive rebranding initiative, marked by the launch of its Microsoft 365 Security & Compliance Assessment. This strategic move underscores Integris's commitment to innovation and its dedication to serving highly regulated...

Cybersecurity professionals worldwide have watched for years as the battle between defenders and attackers has grown increasingly sophisticated. But a new wave of threats is now on the horizon—one where generative AI acts as the great equalizer, equipping even novice cybercriminals with the...

There’s a growing threat in the digital landscape that preys on trust rather than technical vulnerability. It slips quietly into our daily lives, masquerading not as suspicious spam, but as the kind of corporate communication we expect: a calendar invite. For millions of Microsoft 365 and...

Microsoft's drive towards a passwordless future is entering a transformative and controversial new phase, with the tech giant set to delete all saved passwords from its Authenticator platform in August—a move projected to affect roughly 75 million users worldwide. This ambitious overhaul...

June 2025 brought several new vulnerabilities into sharp focus for IT professionals, from newly disclosed exploits in core enterprise federation services to critical flaws lurking in everyday collaboration platforms. Cutting through the noise, it’s clear that not every CVE carries equal...

For small businesses leveraging Microsoft 365, security is no longer a passive IT checkbox—it is a living, breathing discipline that can directly impact the survival and reputation of an organization. The surge in cyberattacks exploiting cloud misconfigurations and the rise of sophisticated...