Tag

Conditional Access

All articles tagged with #conditional access

Massive Azure CLI credential spray uses legacy flow to bypass MFA, hits 78 accounts
security14 days ago

Massive Azure CLI credential spray uses legacy flow to bypass MFA, hits 78 accounts

Security researchers warn of a large-scale, automated password-spray against Microsoft Azure CLI that logged over 81 million login attempts and compromised at least 78 Microsoft accounts across 64 organizations. The attackers used the deprecated OAuth 2.0 Resource Owner Password Credentials (ROPC) flow to bypass Conditional Access policies, targeting credentials from breached lists and exploiting MFA configurations that didn’t cover Azure CLI logins. The activity originated largely from an IPv6 range linked to LSHIY LLC (AS32167). Recommendations include enforcing MFA for all users and apps, restricting the Azure CLI app to non-admins, and ensuring CAPs are fully configured to close gaps exposed by ROPC.

Microsoft Delays Deprecation of Exchange Online's CARs Until 2024
technology3 years ago

Microsoft Delays Deprecation of Exchange Online's CARs Until 2024

Microsoft has extended the deadline for the use of Client Access Rules (CARs) in Exchange Online until September 2024 for some companies that are unable to migrate to the more secure Azure Active Directory Conditional Access and Continuous Access Evaluation (CAE) approach. The shift from CARs to Conditional Access and CAE is not a simple matter, and Microsoft has already begun taking steps to move organizations to Conditional Access and CAE. CAE became generally available in January 2022 as a key part of Microsoft's larger Azure AD Zero Trust Session Management portfolio, with Redmond highlighting the tool's security enhancements and real-time enforcement.