This Microsoft Entra ID Vulnerability Could Have Been Catastrophic
Save StorySave this storySave StorySave this storyAs businesses around the world have shifted their digital infrastructure over the last decade from self-hosted servers to the cloud, they’ve benefitted from the standardized, built-in security features of major cloud providers like Microsoft. But with so much riding on these systems, there can be potentially disastrous consequences at a massive scale if something goes wrong. Case in point: Security researcher Dirk-jan Mollema recently stumbled upon a pair of vulnerabilities in Microsoft Azure’s identity and access management platform that could have been exploited for a potentially cataclysmic takeover of all Azure customer accounts.Known as Entra ID, the system stores each Azure cloud customer’s user identities, sign-in access…
