Tag: conditional access
-
CSA: How to Secure Break Glass Accounts in Multi-Cloud
Source URL: https://www.britive.com/resource/blog/break-glass-account-management-best-practices Source: CSA Title: How to Secure Break Glass Accounts in Multi-Cloud Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the criticality of managing “break glass” accounts in multi-cloud environments, highlighting the associated security risks and providing best practices for effective access management. It is particularly relevant for IT professionals…
-
CSA: 5 SaaS Misconfigurations Leading to Major Fu*%@ Ups
Source URL: https://thehackernews.com/2024/11/5-saas-misconfigurations-leading-to.html Source: CSA Title: 5 SaaS Misconfigurations Leading to Major Fu*%@ Ups Feedly Summary: AI Summary and Description: Yes Summary: The text addresses critical misconfigurations in SaaS applications that pose substantial security risks, particularly for organizations relying on cloud services. It highlights five specific configuration mistakes, detailing their risks, impacts, and recommended actions,…
-
Cloud Blog: (In)tuned to Takeovers: Abusing Intune Permissions for Lateral Movement and Privilege Escalation in Entra ID Native Environments
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/abusing-intune-permissions-entra-id-environments/ Source: Cloud Blog Title: (In)tuned to Takeovers: Abusing Intune Permissions for Lateral Movement and Privilege Escalation in Entra ID Native Environments Feedly Summary: Written by: Thibault Van Geluwe de Berlaere, Karl Madden, Corné de Jong The Mandiant Red Team recently supported a client to visualize the possible impact of a compromise by…
-
Microsoft Security Blog: Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files
Source URL: https://www.microsoft.com/en-us/security/blog/2024/10/29/midnight-blizzard-conducts-large-scale-spear-phishing-campaign-using-rdp-files/ Source: Microsoft Security Blog Title: Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files Feedly Summary: Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors. This activity is…
-
Microsoft Security Blog: Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network
Source URL: https://www.microsoft.com/en-us/security/blog/2024/10/31/chinese-threat-actor-storm-0940-uses-credentials-from-password-spray-attacks-from-a-covert-network/ Source: Microsoft Security Blog Title: Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network Feedly Summary: Since August 2023, Microsoft has observed intrusion activity targeting and successfully stealing credentials from multiple Microsoft customers that is enabled by highly evasive password spray attacks. Microsoft has linked the source…
-
Alerts: Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments
Source URL: https://www.cisa.gov/news-events/alerts/2024/10/31/foreign-threat-actor-conducting-large-scale-spear-phishing-campaign-rdp-attachments Source: Alerts Title: Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments Feedly Summary: CISA has received multiple reports of a large-scale spear-phishing campaign targeting organizations in several sectors, including government and information technology (IT). The foreign threat actor, often posing as a trusted entity, is sending spear-phishing emails containing malicious…
-
Microsoft Security Blog: File hosting services misused for identity phishing
Source URL: https://www.microsoft.com/en-us/security/blog/2024/10/08/file-hosting-services-misused-for-identity-phishing/ Source: Microsoft Security Blog Title: File hosting services misused for identity phishing Feedly Summary: Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities,…
-
Cloud Blog: Safer by default: Automate access control with Sensitive Data Protection and conditional IAM
Source URL: https://cloud.google.com/blog/products/identity-security/automate-access-control-with-sensitive-data-protection-and-conditional-iam/ Source: Cloud Blog Title: Safer by default: Automate access control with Sensitive Data Protection and conditional IAM Feedly Summary: The first step towards protecting sensitive data begins with knowing where it exists. Continuous data monitoring can help you stay one step ahead of data security risks and set proper access controls to…