Need to find out who has highly privileged OAuth API access to your Microsoft 365 tenant? I just published a new cmdlet that will generate a detailed report down to individual permission scopes. All the details in this YouTube video youtube.com/watch?v=vO0m5y…

Oof, someone was quick. Our first ticket has been sold and we've only just released the first drop. Wait.... Read that again.... we've just released the first ticket drop 😀😀😀 Hurry!!!! eventbrite.co.uk/e/bsides-cymru… #bsides #infosec #bsidescymru

FINAL TICKET RELEASE NOW! eventbrite.co.uk/e/bsides-cymru…

The ability to block Device Code Flow just became available in Microsoft Entra ID Conditional Access. Here's a quick walkthrough of how attackers use device code flow to get access to your tenant and what you can do to protect yourself.

Native FIDO2 support for strong authn without ADCS Reference architectures for deploying hardened domain services (hybrid) Built in lockdown mode with hardening policy and WDAC Turnkey PIM and secure admin solution (Arc?)

Enclave.io with Entra SSO

The final #BSidesLDN2024 ticket release is tomorrow! eventbrite.co.uk/e/bsides-londo… If you get (or currently have) a ticket and find you can no longer be there on the day, please cancel or transfer your ticket so someone else can! #Security #BSides #London #BSidesCyBear #Tickets

We all know it’s not a great idea to log into end-user systems with Domain Admin creds, but it still happens. A lot. And every time I see it, it makes me 😔 — here’s why: 🧵A short (probably relatable) thread of how it can go sideways..

There’s TEN days until our early bird tickets! Our Early Bird tickets are £15 and you’ll be helping to support us and the local cyber community - plus you get your own limited edition challenge coin 👀 Set your alarm for 11am on 18/04! See you there!

Folks, hope you can join us on Wednesday for this month's user group - these speakers are absolute experts in what they do and you will learn a ton. It's not recorded, so join us live or miss out. REGISTER: meetup.com/m365sandcug/ev…

Croeso BSides Aberystwyth, bydded i ni fod y cyntaf i'ch croesawu a phob lwc ym mis Tachwedd! bsidesaberystwyth.org #Security #BSides #Aberystwyth #BSidesAberystwyth

Cloud security in a nutshell: goal is to decrease risk. In cloud it goes a bit like this: IAM - MFA all the things. If you can swing it with ops, pilot passwordless. Users will love it, I promise! Make sure everyone can't just escalate privileges when they're not admins Make

Today we released our new (free) AWS Infrastructure Canarytoken. It catches attackers in your AWS account by putting tempting assets in their way and alerting you if they get probed. Extending our old work on fake AWS assets, this makes it even easier to deploy juicy S3

Folks, I'm super excited to announce a three part webinar series from Microsoft that involves some of your favorite folks from the Entra community. Nathan McNulty and Ru Campbell will be joining me and others from Microsoft to talk about implementing Zero Trust for identity and

Key things seen in ransomware incidents: 1) VPN does not require MFA 2) Standard User VPN access gives access to management interfaces 3) LDAP access leads to domain admin via: Passwords in description fields, kerberoasting and other common escalation points (but seriously the

New post: focusing on the key biggest Microsoft 365 security considerations. READ: campbell.scot/microsoft-365-… When we talk about Microsoft 365 security, we are talking about two things: (a) securing Microsoft 365 the platform, (b) using Microsoft 365 security tooling.

LOLRMM-KQL coming soon...🫡

I finally came around and documented all the Conditional Access bypasses in a single blog post. It contains not only the documented bypasses, but also the results of new research. #Entra #ConditionalAccess #Security #Cheese cloudbrothers.info/en/conditional…

We spend a lot of time talking about OAuth phishing, token theft from malware, adversary in the middle phishing and other novel attacks, and rightly so, but it is important to remember that MFA is still an extremely valuable control. Modern MFA reduces the risk of identity