Entra Connect v2.6.79.0 was just released and contains undisclosed security fixes, and @Microsoft recommends updating fast. On the bright side, it will finally support FIDO2-based authentication!
Folks, I just released Lokka 2.0 today!
The world's first Microsoft Graph MCP server is now a full-blown MCP App.
First up: multi-tenant support. You can now sign into more than one tenant.
What does it mean?
1/16
1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories.
Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.
Entra App Proxy continues to be one of the biggest hidden gems of Entra P1
For over a decade, we've been able to stop exposing risky apps to the Internet by routing through agents with outbound connections to Azure
I don't care what vendor you use, just get it off the Internet
@techspence @laplanted24 @magicswordio @ThreatLocker Without changing a single thing, you can create an alert and automate remediation if you wanted
They publish queries that pull the latest domain names lists and hunt for you ;)
https://t.co/NB6MEzPV0p
❗️🚨 Microsoft Edge keeps every saved password in process memory as cleartext from the moment it launches. Microsoft's response when reported: "by design."
All of them. Including credentials for sites you won't open this session.
Researcher @L1v1ng0ffTh3L4N tested every major Chromium browser. Edge is the only one that behaves this way.
Chrome decrypts credentials on demand, and App-Bound Encryption locks the keys to an authenticated Chrome process so other processes can't reuse them.
In Chrome, plaintext surfaces only during autofill or when a password is viewed, making memory scraping far less useful.
What makes this extra weird is that Edge still demands re-authentication before revealing those passwords in its Password Manager UI, while the same browser process already holds every one of them in plaintext.
In shared environments, this turns into a credential harvest. On a terminal server, an attacker with admin rights can read the memory of every logged-on user process. In the published PoC video, a compromised admin account lifts stored credentials from two other logged-on (and even disconnected) users with Edge running.
Microsoft's official response when notified: "by design."
The finding was disclosed April 29 at BigBiteOfTech by PaloAltoNtwks Norway, alongside a small educational tool that lets anyone verify the cleartext storage for themselves.
Stop using UPNs for Entra ID automation. It’s a ticking time bomb. 💣
If a user changes their name (marriage/rebrand), your logic breaks.
The result? Wiped laptops, broken groups, and "forever access."
Here is how to build a stable identity lifecycle. 🧵
1/5
@DanielatOCN @PyroTek3 Ah right, I only ever use the service to translate a domain name to tenant id without authenticating so didn’t think about the additional use cases 😅
@SwiftOnSecurity For that countermeasure to be somewhat effective we also need universal CAE to make sure access tokens can be revoked too… although I didn’t read up on the details in this case, perhaps CAE was in fact in play :)