Microsoft Entra ID

BloodHound 8.0 debuts with major upgrades in attack path management

August 5, 2025

SpecterOps has released BloodHound 8.0, the latest iteration of its open-source attack path management platform, featuring major enhancements and expanded capabilities. …

Researchers warn of ongoing Entra ID account takeover campaign

June 12, 2025

Attackers are using the TeamFiltration pentesting framework to brute-force their way into Microsoft Entra ID (formerly Azure AD) accounts, Proofpoint researchers have …

Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts

September 30, 2024

Storm-0501, an affiliate of several high-profile ransomware-as-a-service outfits, has been spotted compromising targets’ cloud environments and on-premises systems. …

Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns

December 13, 2023

Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Abusing OAuth applications …

Microsoft introduces new access policies in Entra to boost MFA usage

November 7, 2023

As part of a broader initiative to strengthen security, Microsoft is rolling out Microsoft-managed Conditional Access policies in Entra ID (formerly Azure Active Directory) to …

Assess multi-cloud security with the open-source CNAPPgoat project

August 3, 2023

Ermetic released CNAPPgoat, an open-source project that allows organizations to test their cloud security skills, processes, tools, and posture in interactive sandbox …

Open-source penetration testing tool BloodHound CE released

August 2, 2023

SpecterOps released version 5.0 of BloodHound Community Edition (CE), a free and open-source penetration testing solution that maps attack paths in Microsoft Active Directory …