A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every company in the world. The fatal mix included undocumented tokens called “actor ...

One API to access all of your data in the Microsoft Cloud? We’re remarkably close to that reality. Here’s what you need to know to start building applications with the Microsoft Graph API. The ...

A critical Microsoft authentication vulnerability could have allowed a threat actor to compromise virtually every Entra ID tenant in the world. The elevation of privilege (EoP) vulnerability, tracked ...

A publicly accessible configuration file for ASP.NET Core applications has been leaking credentials for Azure ActiveDirectory (AD), potentially allowing cyberattackers to authenticate directly via ...

One key platform feature of Office 365 that is not well understood is Microsoft Graph. Building on the information stored in Office 365 and in Microsoft’s systems management and identity tools, ...

Microsoft released new tools and resources this week for Azure Active Directory, including more platforms in its Microsoft Authentication Library, a tool to check security best practices and an easier ...