At @WEareTROOPERS I dropped new research on #nOAuth, an abuse of #EntraID that allows you to spoof users in vulnerable SaaS applications. The attack is still alive and well. You can read all about it here:. #Entra #M365 #infosec.

Another great talk yesterday from @_dirkjan revealing a super interesting path - moving from exchange hybrid on-prem bits to owning Entra.

Join millions who have switched to Grok.

If you work in, around, near, adjacent, or so on, to #identity, including #infosec and #Entra, you should fill out the #IDPro skills survey. It takes five minutes and really helps in understanding the industry landscape.

RT @SpecterOps: Check out this new blog post from @_wald0 discussing the fundamental components & mechanics that enable the emergence of cr….

If you consume multi-tenant apps in #EntraID, and they’ve been granted consent to do things in your tenant, you can spy on the auth choices your vendor makes - secrets or certs - in the logs available in your #Entra tenant. #infosec #azure #m365.

RT @TEMP43487580: I finished my talk at BHEU! The attack methods and techniques shared in the talk are not a great deal, but I hope this se….

RT @DrAzureAD: New #AADInternals version is finally out now:.▪ Moved endpoint related stuff to new module: AADInternals-Endpoints.▪ Added b….

RT @TrimarcSecurity: Wednesday, December 11th, Trimarc Active Directory Security Assessment Service Lead Jake Hildreth joins the @Antisy_Tr….

RT @decoder_it: M'm glad to release the tool I have been working hard on the last month: #KrbRelayEx.A Kerberos relay & forwarder for MiTM….

RT @fabian_bader: Device-bound #passkeys in #EntraID are finally GA . #AiTM #Security #FIDO2 .

RT @cybersaiyanIT: Curious about the sessions you missed at #RomHack2024 this year?. Here you go: @ericonidentity - UnOAuthorized: The disc….

For those that *really* miss the old AAD portal:. #Entra #EntraID

Still hard to not laugh when you see things like this in a #Entra tenant 😅

RT @DrAzureAD: A quick debriefing with @ericonidentity, @kfosaaen, and @Thomas_Live after @HIPConf at @crescentbrew 🍻 .

En route to #HIPConf24, where I’ll be presenting on #UnOauthorized, as well as joining a panel with @Thomas_Live, @gkirkpatrick, @GGrillen and @shorinsean on workload identities, and having some good hallway conversations. Looking forward to seeing folks!. #Entra #infosec

Redmond bound for @MSFTBlueHat, co-presenting with @SecretlyHidden1 “The Two Sides of UnOAuthorized” 😎. It will be my sixth trip out to the PNW - one of my favorite parts of the country to visit, so I’m excited for many reasons!

To those people attending your session that nod along and smile and seem to understand what you’re talking about - 🫡

I propose that @cyberriskall would better serve their speakers if they didn’t give out speaker contact information to vendors. It takes a lot of time to prepare for big conferences… and the payment is “sorry we missed you” spam from vendors 🙄.

RT @clatent: Created an interactive web version of EntraFIDOFinder now too as well as updated the module. Made a quick blog post it, let me….

- Using “we” in writing when representing a team, even if (I’m presuming) the research was performed by a single person 💪. I know for my own writing and research I’m going to try and steal a page or two from this as a guide 🫡. 4/4.