Dark Reading

Rogue Azure AD Guests Can Steal Data via Power Apps

Guest accounts in Azure AD (AAD) are meant to provide limited access to corporate resources for external third parties — the idea is to enable collaboration without risking too much exposure. But ...
CSOonline

How Azure Active Directory opens new authentication risks

Hybrid cloud identity and access management services add complexity and opportunity for attackers to network authentication processes, as recently demonstrated for Azure AD. It’s been common knowledge ...
Computer Weekly

Users warned over Azure Active Directory authentication flaw

Researchers at Secureworks’ Counter Threat Unit (CTU) have warned of a new and potentially serious vulnerability affecting the pass-through authentication (PTA) hybrid identity authentication method ...
Infosecurity-magazine.com

Azure AD Credentials Exposed in Public App Settings File

A cybersecurity assessment has uncovered a serious vulnerability involving Azure Active Directory (Azure AD). Resecurity’s HUNTER Team discovered that application credentials, specifically the ...