219 domain admins.

Azure Bastion CVE-2025-49752 👀 CVSS Score: 10/10 Affected: All Azure Bastion deployments prior to the security update released on November 20, 2025 https://t.co/MTpd2zaxeL

Key things seen in ransomware incidents: 1) VPN does not require MFA 2) Standard User VPN access gives access to management interfaces 3) LDAP access leads to domain admin via: Passwords in description fields, kerberoasting and other common escalation points (but seriously the

I'm just going to leave this here, as I keep seeing surprised faces when I tell people about Windows Hello multifactor unlock. Yes, you can enforce 2️⃣ factors to unlock your Windows machine! See for yourself. https://t.co/dQTMYHKkUe

🎉 A warm welcome to all the new MVPs! 🎉 You’ve joined a global community of passionate experts, builders, and changemakers who go above and beyond to share knowledge, support others, and drive innovation. Whether you’re leading user groups, writing code, creating content, or

What's a red flag in IR 🚩? My colleague @mikael_nystrom takes you through some of the tools of the trade. Read more here: https://t.co/JS9rqnJDaO

A series about red flags, what they are and why you need to care @Truesec @mikael_nystrom

Restore and Repair – Don’t Build New After an Incident @Truesec https://www.truesec.comhub/blog/restore-and-repair-dont-build-new-after-an-incident

🤣

@DOGE Good find. Those licenses cost on average $500,000,000/year. That saved the country potentially hundreds of billions of dollars. Now the government can put that money to good use such as reintroducing lead to paint to keep the photon radioactive waves out of our brains

Enhance your AppManagEvent 2025 visit by attending an exclusive in-person IT-Pro training from top experts like @samilaiho @PaulaCqure @mikael_nystrom @headburgh or @TimothyMangan – before and/or after the event! 🎟️ Bonus: Your training session includes a ticket to the event.

⚡ Check out this new Microsoft Entra blog post 👇 Microsoft Entra PowerShell module now generally available https://t.co/VHNfraXmy2

That's him. He's the one forcing us to change our passwords every 90 days.

Hey, Entra ID admins. Do you have Passkey (FIDO2) enabled, and does your setting look like this? Early next year, Passkey in Authenticator will be enabled automatically. If that's okay, sit back and relax while your users become phishing-resistant. If not, please act now!

Wheels up tomorrow morning, prepping for mine and @mikael_nystrom's Masterclass at @NICconf on Wednesday, and our respective sessions on Thursday. #Truesec #NICConf #PreventBreach #MinimizeImpact

Pop quiz, which requirement providers can enforce MFA within Entra ID? #Azure Portal with 'request' & 'App requires MFA' will be next I guess (: https://t.co/h7LjU5WFrz

Spent the last couple of days in Stockholm speaking at #Teamsdagen. Made new friends and met old ones as well. The event was a huge success, and kudos to the organizers for an awesome event!

On Friday 4 of October it is time for the next MMUGSE virtual event! We have some great speakers joining us this time: @AhlbergNicklas @headburgh @ronnipedersen @jannik_reinhard @olsen96967 https://t.co/ycvVot7EQm

The financially motivated cybercriminal group that Microsoft tracks as Storm-0501 has been observed exfiltrating data and deploying Embargo ransomware after moving laterally from on-premises to the cloud environment. https://t.co/U7uQseDxE8

Understanding EVERY Token in Entra ID 🔎 Not all tokens are equal. There are many different types with different uses and benefits. In this blog, I break down each token and what they are used for and which tokens are the most "valuable" for an attacker to obtain. Full blog

Microsoft Defender for Identity Expands to Entra Connect Server This includes new detections, new security recommendations, and a new activity type in the IdentityDirectoryEvents. Don't forget to configure you MDI gmsa account. #MDI #EntraID #Security https://t.co/KCy9vE4J7k