iX Workshop: Protecting identities in Entra ID with Conditional Access policies

Learn how to implement a Zero Trust architecture with access policies in Entra ID and thereby protect your corporate network effectively.

https://www.heise.de/news/iX-Workshop-Identitaeten-in-Entra-ID-mit-Conditional-Access-Policies-schuetzen-11194753.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#EntraID #IT #iXWorkshops #Microsoft #Microsoft #MicrosoftAzure #Security #news

heise online

Microsoft just announced official support to store device-bound passkeys for Entra ID in the Windows Hello container. No app, no external hardware key, but built-in support. Sadly no attestation while in preview.

https://mc.merill.net/message/MC1247893

#Passkey #EntraID

MC1247893 - Microsoft Entra passkeys on Windows now support phishing-resistant sign-in | Microsoft 365 Message Center Archive

Microsoft Entra passkeys on Windows enable phishing-resistant, passwordless sign-in using Windows Hello on Entra-protected resources, including unmanaged devices. Public preview starts mid-March 2026. Organizations must opt in and configure policies to enable this feature; no impact occurs without activation.

Invite Guest users in an Entra ID Multi-tenant setup

This post looks at implementing a guest user invite in a cross tenant setup. This is useful when creating partner tenants using an Entra ID MAU license for all partner guests and members. This make…

Software Engineering

RE: https://infosec.exchange/@merill/116188307859736132

Android Authenticator

Root Detection

🚨⚠️🚨⚠️🚨⚠️🚨⚠️

#MicrosoftAuthenticator on #Android strictly blocks usage on rooted or jailbroken devices.

Relies on Google Play Services; privacy-focused OS distributions (e.g., #GrapheneOS) lacking Play Services will be completely blocked.

THIS WON'T MAKE EVERYONE HAPPY

#EntraID #AzureAD

Entra ID for Linux: Himmelblau 3.0 expands enterprise features

The open-source framework Himmelblau brings extensive new features for integrating Linux systems with Microsoft Entra ID.

heise online

Microsoft warned about OAuth redirect abuse on March 2, 2026. This isn't credential theft or classic token theft by itself. It weaponizes Entra ID error handling.

An attacker registers an OAuth app with a malicious redirect URI, sends a crafted login.microsoftonline.com link designed to fail, and Entra ID's 302 redirect lands the victim on a phishing page or malware dropper. The sign-in fails and the attacker still wins.

I built a detection and hardening kit you can deploy to an existing Sentinel workspace:

• 4 analytics rules: consent after risky sign-in, suspicious redirect URIs, OAuth error clustering, bulk consent

• 5 hunting queries: permissions baseline, non-corporate IP auth, high-privilege apps, URI inventory, token replay

• 1 workbook: OAuth Security Dashboard

• Entra hardening: verified-publisher consent restriction, MFA policy for risky OAuth sign-ins

• OAuth app audit: flags suspicious redirect URIs and overprivileged permissions across app registrations

Blog post: https://nineliveszerotrust.com/blog/oauth-redirect-abuse-sentinel/

Companion lab on GitHub: https://github.com/j-dahl7/oauth-redirect-abuse-sentinel

#MicrosoftSentinel #EntraID #DetectionEngineering #OAuth #IdentitySecurity #BlueTeam

Detecting OAuth Redirect Abuse with Microsoft Sentinel and Entra ID

Microsoft warned about OAuth redirect abuse enabling phishing and malware delivery. Build Sentinel analytics rules, hunting queries, a security workbook, and Entra ID hardening policies to detect and prevent this technique in your tenant.

Blog Alert!

This time on getting the Data API Builder MCP preview to connect to a Fabric Lakehouse SQL Endpoint using Entra ID.

#MCP
#DAB
#MicrosoftFabric
#Lakehouse
#SqlEndpoint
#EntraId

http://sqlreitse.com/2026/03/06/sql-mcp-local-to-fabric-lakehouse/

SQL MCP: Local to Fabric Lakehouse

Let’s be honest, you thought of doing this yourself. Connecting two tools that seem to serve very different purposes. But, as I had a day to fool around, I thought to myself, let’s see …

Reitse's blog

Entra Connect vs Cloud Sync: which synchronization engine to choose?

Microsoft Entra Connect Sync and Entra Cloud Sync are two tools for synchronizing identities between Active Directory and Entra ID, but which one should you choose?

IT-Connect

GrapheneOS: Microsoft Authenticator does not support secure Android OS

Microsoft's Authenticator is to delete Entra accesses from rooted and jailbroken devices. GrapheneOS could be affected.

https://www.heise.de/en/news/GrapheneOS-Microsoft-Authenticator-does-not-support-secure-Android-OS-11200495.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#EntraID #IT #Microsoft #Mobiles #news

heise online

GrapheneOS: Microsoft Authenticator does not support secure Android OS

Microsoft's Authenticator is set to delete Entra access from rooted and jailbroken devices. GrapheneOS could be affected.

https://www.heise.de/news/GrapheneOS-Microsoft-Authenticator-unterstuetzt-sicheres-Android-OS-nicht-11200269.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#EntraID #IT #Microsoft #Mobiles #news

heise online