#entra-id

[ follow ]
#cybersecurity #cve-2025-55241 #actor-tokens #azure-ad-graph-api #data-breach #surveillance #sms-spam
Information security
fromIT Pro
4 days ago

A terrifying Microsoft flaw could've allowed hackers to compromise 'every Entra ID tenant in the world'

A critical Entra ID vulnerability (CVE-2025-55241) could have allowed cross-tenant full administrative compromise via undocumented 'Actor' tokens and Azure AD Graph API validation flaws.
Information security
fromWIRED
6 days ago

Security News This Week: A Dangerous Worm Is Eating Its Way Through Software Packages

Multiple serious security failures and threats emerged this week, including government data exposure, critical identity-management flaws, hypersonic missile tests, and advanced SMS-scamming techniques.
fromTheregister
1 week ago

Entra ID bug could have granted access to every tenant

"If you are an Entra ID admin," wrote Mollema, "that means complete access to your tenant."
Information security
Information security
fromComputerworld
4 weeks ago

Microsoft releases Windows Backup for Organizations to ease migration of user settings to Windows 11

Windows Backup for Organizations restores settings only on Windows 11 version 22H2 or later; Windows 10 cannot restore settings despite being backed up.
Tech industry
fromThe Hacker News
5 months ago

Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach

Microsoft has migrated its account signing services to Azure confidential VMs for enhanced security.
[ Load more ]