Demonstration – Illicit consent grant attack in Azure AD / Office 365
Disclaimer: All information contained within this post is common knowledge, given you grasp basic concepts of AAD default behavior, OAuth2 Authorizations…
Update 6.May.2019: There is a new feature in Conditional Access, which allows creating a different policy for updating security properties,
Here is a short rundown of the vulnerability described by MSRC as discovered and described in this detailed blog by OKTA researcher…
Risky IP feature of AAD Connect Health came to public preview in early May. With AAD Connect Health you can…
Fair warning: While I have a disclaimer at the bottom of the page, and the blog title basically emphasizes it… Do…



