Noticia importante. La protección de tokens llega a Microsoft Entra ID P1. Esto es clave contra robos de tokens y suplantación de identidad en Microsoft 365.
Mayor información en: https://t.co/XPJabnVMpc
Microsoft releases Entra Connect v2.6.84.0 with security fixes and recommends upgrading to this version as soon as possible!
To download the Microsoft Entra Connect Sync tool:
1. Sign in to Microsoft Entra admin center.
2. Navigate to Entra ID > Entra Connect > Get Started > Manage.
3. Select the "Download Connect Sync agent".
4. Select the "Accept terms & download" button.
5. Run the tool on the Entra Connect server and follow the wizard.
Note: The release is only for download via the Microsoft Entra admin center, and auto-upgrade is not available.
Learn more:
- https://t.co/Cb3UqPcSmL
- https://t.co/Uwzw2y49F7
#Microsoft365 #EntraID #EntraConnect
OWASP Cheat Sheet Series – The Ultimate AppSec Reference 💥💀
The OWASP Cheat Sheet Series is one of the most trusted free resources for developers, security engineers, penetration testers, and AppSec professionals. It provides concise, practical guidance on securing applications and implementing security best practices across a wide range of technologies.
✨ Key Features:
• 📚 100+ security cheat sheets covering authentication, authorization, JWT, SQL Injection, XSS, SSRF, CSRF, cryptography, logging, API security, and more
• 🔒 Official OWASP guidance trusted by developers and security teams worldwide
• 💻 Practical security recommendations instead of lengthy theory
• 🌐 Covers modern web, API, cloud, mobile, and application security topics
• 🆓 Completely free, open-source, and regularly updated by the OWASP community
• 📖 Ideal for secure coding, penetration testing, security reviews, and interview preparation
🔗 https://t.co/KmekmapqIY
#OWASP #CyberSecurity #AppSec #SecureCoding #WebSecurity #API #Developers #OpenSource
Microsoft has introduced a new Teams admin policy that allows organizers to prevent third-party bots from joining meetings without approval.
https://t.co/KQXL1A3E14
SOCRadar found a live database with credentials for 73,932 Fortinet firewalls across 194 countries, including a fully compromised NATO contractor. A Russian-speaking group brute-forced their way in, no zero-day needed, just passwords that were never rotated.
Have you noticed the bright pink cleats taking over the 2026 World Cup?
From Nike to Adidas, every major brand is pushing the trend.
The Daily Cup crew explains the surprising science and psychology behind these eye-catching football boots on @amazonfiretv.
Active Directory Hardening Series
Part 1 Disabling NTLMv1 https://t.co/9gla1vtQ18
Part 2 Removing SMBv1 https://t.co/KOqpamarcW
Part 3 Enforcing LDAP Signing https://t.co/oW2Ymvu1ZW
Part 4 Enforcing AES for Kerberos https://t.co/iENjEPBOFD
A reminder from Atomic Habits by James Clear:
“It doesn't make sense to continue wanting something if you're not willing to do what it takes to get it. If you don't want to live the lifestyle, then release yourself from the desire. To crave the result but not the process is to guarantee disappointment.”
Releasing DCOMIllusionist as part of our talk on DCOM at @x33fcon with @k3vinTell. It's a remote in memory fileless lateral movement technique based on some research of @tiraniddo
https://t.co/XLljazKmnH
⚠️Be aware: this makes the account unusable.
From the original research by @tiraniddo:
"user is sacrificial, it might be hard to login using a password afterwards. If you can't immediately reset the password due to the domain's policy the user might be completely broken."
🛠️ Rolling out Microsoft 365 Copilot? This Microsoft Learn guide covers recommended configuration settings to help IT admins optimize setup and support a smoother deployment.
Read more: https://t.co/sRvL9Nhn8U
#Microsoft365Copilot#ITAdmins#EnterpriseIT