Bleeping Computer

Microsoft fixes Azure AD auth flaw enabling account takeover

Microsoft has addressed an Azure Active Directory (Azure AD) authentication flaw that could allow threat actors to escalate privileges and potentially fully take over the target's account. This ...
Bleeping Computer

Microsoft still unsure how hackers stole Azure AD signing key

Microsoft says it still doesn't know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen ...