🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Took my kids to the stem day last year and they have not stopped asking to go back. Very much recommended!

Interesting topic I've been asked about a few times. My take? It's more trouble than it's worth for most orgs and I'm concerned about privesc from app admin and cloud app admin.

Interesting technique to block the use of client secrets in a tenant. They're more prominent than you would think.

Viewing Entra Connect config info such as PHS now requires GA. 👎 PowerShell and Graph API are similarly affected. LMK if you find a way to collect this info with read-only access.

I'm hanging with the Red Siege crew in 30m. Come say hi as I ramble about Conditional Access exploitation and defense. redsiege.com/wedoff

Give moms - especially those fighting beside their child with cancer - the greatest gift this Mother’s Day: a cure. Become a monthly donor or make a one-time gift today: ow.ly/IKmI50VMkIi For every mom, this cure is for you. ❤️

If you aren't already following Nathan, you're totally missing out. Probably half of my twitter engagement is connected to him in some way. I could not recommend anyone more.

We just held our first conference at our global HQ and we can't wait to do it again 😃 SmileyCon was a huge success. Thanks to everyone who attended and helped make it a reality!

Delegated permissions in Active Directory: silent but deadly 💩💨🤢 For example: Some random user with “FullControl” of the Domain Controllers OU Nessus didn’t find it… The IT team didn’t know it was there… It wasn’t discovered on past pentests… 🧵I found it almost

Happy Mother's Day to all you wonderful moms out there. You're doing an awesome job 👏

24 Hour Reminder! The Wednesday Offensive is tomorrow at 130pm ET! Join the Conversation 🔗 redsiege.com/wedoff #hacking #infosec #cybersecurity

Thanks Phillip Wylie hope you have an amazing day and weekend! Same to everyone else reading this. ❤️

Do you know how many Graph API permissions Microsoft documents as low risk as of the last time I read the docs? Less than 5. Think about that.

Justin Elze Deja vu! Password sprays ftw, AGAIN! Wow, if only there was SOME WAY to make it harder for the baddies to identify valid users in Azure. Too bad it couldn't possibly be an EXTREMELY simple fix, like disabling verbose error codes. 🙄

If you are coming to BlackHat this year and are looking for a blend of offensive tradecraft with a mix of threat hunting training, this is hands down one of the best classes for that. #TrustedSec ADVERSARY TACTICS AND THREAT HUNTING blackhat.com/us-25/training…

Does anyone else hear Teams, Slack, Signal, and Outlook chimes in their sleep? My ADHD is at a high level right now. 👀

It looks like Okta finally added support for Entra External Authentication Method (EAM)! 🎉 help.okta.com/oie/en-us/cont… This allows Okta Verify to meet Conditional Access "Require MFA" requirements, no more custom controls! So let's do a thread on how to set this :)

you should be allowed to leave work early if you miss your wife enough

Sounds about right :)