Latest news with #Entra


Techday NZ
05-08-2025
- Techday NZ
BeyondTrust launches Secrets Insights to tackle hidden identity risks
BeyondTrust has announced the expansion of its Identity Security Insights solution with the introduction of Secrets Insights, designed to address vulnerabilities arising from secrets and non-human identities.

According to recent Identity Security Risk Assessments completed by BeyondTrust across various industries and organisational sizes, significant gaps have been discovered in current identity security postures. The findings reveal dormant service accounts with privilege in more than 70% of assessed environments. Additional issues include overly permissive Entra Service Principals, which can create direct pathways to Global Admin privileges, thereby endangering Microsoft 365 environments. The assessments also found that credentials are frequently reused across multiple service accounts by administrators, compounding the risks posed by a single compromised password.

In the realm of privilege escalation, the report observes that low-privileged users are able to gain administrative access across Active Directory, Entra, AWS, Okta, and GitHub due to hidden escalation paths rooted in configuration errors, federation processes, and synchronisation. AD service accounts that connect on-premises and cloud environments, particularly those with privileged Entra roles, were also identified as potential cross-platform attack vectors.

The review highlighted further weaknesses, such as inadequate GitHub repository access management. This can lead to uncontrolled and unauthorised access to sensitive code and secrets, with personal GitHub accounts exacerbating the risk.

"These identity infrastructure issues aren't just misconfigurations, they're invitations. Our Identity Security Risk Assessment data shows that many organisations lack the complete story when it comes to their identity attack surface. For many, overlooked hygiene issues silently open the door to attackers. And with the rise of Agentic AI, the stakes have never been higher, especially as most organisations lack visibility into how compromised accounts can be leveraged to seize control of application secrets, which often carry elevated privileges," said Marc Maiffret, CTO at BeyondTrust.

Agentic AI systems, which autonomously interface with infrastructure and provision access, are predicted to amplify the risks associated with unmanaged secrets and non-human identities. As organisations adopt these AI-driven systems, the potential for abuse of hidden privileges and secrets grows, underscoring the need for enhanced oversight.

The new Secrets Insights feature is intended to provide this visibility. It builds upon the existing capabilities of BeyondTrust's Identity Security Insights platform, which allows organisations to monitor identity risk across Active Directory, Entra ID, AWS, Azure, Google Cloud Platform, Okta, Ping Identity, and GitHub. With Secrets Insights, users can discover API keys, service account credentials, tokens, and similar assets across both cloud and on-premises setups, including within vaults, thereby mapping previously unmonitored access vectors.

Key benefits

Secrets Insights offers a number of core functions: discovery of unmanaged secrets throughout cloud and on-premises environments; identification of users with both direct and indirect access to these secrets; risk scoring and prioritisation focused on levels of exposure and privilege; and integration with BeyondTrust Password Safe, which automates remediation tasks.

Maiffret commented on the next steps for the sector: "As organisations embrace automation and Agentic AI, securing the invisible layers of access - secrets, tokens, and service identities - will define the next frontier of identity security."

Secrets Insights is scheduled to become available later this year.

As part of its ongoing initiatives, BeyondTrust provides complimentary Identity Security Risk Assessments for qualified organisations. These assessments can be completed in under 48 hours and are intended to help organisations identify hidden privileges and secret-related risks, supporting steps towards reducing standing privilege and enabling just-in-time access.
Yahoo
04-08-2025
- Yahoo
BeyondTrust Research Exposes Hidden Privilege Threats: Secrets Are the New Identity Crisis Awaiting Agentic AI
New data from Identity Security Risk Assessments reveals critical blind spots in non-human identity posture. BeyondTrust's latest solution brings secrets into full view, just as Agentic AI spins up at scale.

LAS VEGAS, Aug. 04, 2025 (GLOBE NEWSWIRE) -- BeyondTrust, the global leader in identity security protecting Paths to Privilege™, today announced the expansion of its Identity Security Insights™ solution to include Secrets Insights, a new capability designed to illuminate and secure the hidden attack surfaces created by secrets and non-human identities. As Agentic AI systems begin to autonomously interact with infrastructure, make decisions, and even provision access themselves, the hidden risks posed by unmanaged secrets and non-human identities become exponentially more dangerous.

This launch comes on the completion of the initial class of Identity Security Risk Assessment engagements conducted across a wide range of industries and company sizes. The results are eye-opening:

- Dormant service accounts with privilege were found in over 70% of environments
- Overly permissive Entra Service Principals create direct pathways to Global Admin privileges, exposing entire Microsoft 365 environments to potential takeover
- Credentials reused across multiple service accounts by human admins, enabling a single compromised password to compromise numerous non-human accounts
- Low-privileged users can escalate to administrative access across Active Directory, Entra, AWS, Okta, and GitHub through hidden privilege escalation paths built on configuration oversights, federation, and synchronization
- AD service accounts bridge on-premises and cloud environments, with Active Directory accounts holding privileged Entra roles, creating cross-platform attack vectors
- Ineffective GitHub repository access management, leading to uncontrolled secret access and unauthorized access to sensitive code, often accessible through personal GitHub accounts

"These identity infrastructure issues aren't just misconfigurations, they're invitations," said Marc Maiffret, CTO at BeyondTrust. "Our Identity Security Risk Assessment data shows that many organizations lack the complete story when it comes to their identity attack surface. For many, overlooked hygiene issues silently open the door to attackers. And with the rise of Agentic AI, the stakes have never been higher, especially as most organizations lack visibility into how compromised accounts can be leveraged to seize control of application secrets, which often carry elevated privileges."

The new Secrets Insights capability builds on the success of BeyondTrust's Identity Security Insights platform, which already provides deep visibility into Active Directory, Entra ID, AWS, Azure, Google Cloud Platform, Okta, Ping Identity, and GitHub. Now, organizations can extend that same level of insight to secrets, such as API keys, service account credentials, tokens, and more, across hybrid and multi-cloud environments and their vaults.

Key Benefits of Secrets Visibility:

- Discovery of unmanaged secrets across cloud and on-prem environments
- Discovery of users with direct and indirect access to secrets
- Risk scoring and prioritization based on exposure and privilege level
- Integration with BeyondTrust Password Safe for automated remediation

"As organizations embrace automation and Agentic AI, securing the invisible layers of access - secrets, tokens, and service identities - will define the next frontier of identity security," said Maiffret.

Secrets Insights will be available later this year.

BeyondTrust continues to offer complimentary Identity Security Risk Assessments, often completed in less than 48 hours, to qualified organizations, helping them uncover hidden privilege and secrets risks and chart a path toward Zero Standing Privilege (ZSP) and Just-in-Time (JIT) access.

To learn more or schedule an Identity Security Risk Assessment, visit:

About BeyondTrust

BeyondTrust is the global identity security leader protecting Paths to Privilege™. Our identity-centric approach goes beyond securing privileges and access, empowering organizations with the most effective solution to manage the entire identity attack surface and neutralize threats, whether from external attacks or insiders. BeyondTrust is leading the charge in transforming identity security to prevent breaches and limit the blast radius of attacks, while creating a superior customer experience and operational efficiencies. We are trusted by 20,000 customers, including 75 of the Fortune 100, and our global ecosystem of partners.

Learn more at

Follow BeyondTrust:
X:
Blog:
LinkedIn:

For BeyondTrust:
Mike Bradshaw
Connect Marketing for BeyondTrust
P: (801) 373-7888
E: mikeb@


Techday NZ
27-06-2025
- Business
- Techday NZ
Semperis warns nOAuth flaw in Entra ID risks SaaS accounts
Semperis has published new research highlighting the ongoing risk posed by the nOAuth vulnerability in Microsoft's Entra ID, which may allow attackers to take over SaaS application accounts with minimal effort. According to the research, nOAuth remains undetected by many SaaS vendors and is very difficult for enterprise customers to defend against.

The vulnerability, originally disclosed in 2023 by Omer Cohen of Descope, arises from a flaw in how certain SaaS applications implement OpenID Connect: they accept the unverified email claim from an Entra ID token as the identifier for the user. This practice contrasts with recommended OpenID Connect standards, which treat the subject identifier, not the email address, as the stable key for a user. Semperis' follow-up investigation examined applications listed in Microsoft's Entra Application Gallery, finding that over a year after its initial disclosure, a substantial portion of applications remain vulnerable to nOAuth abuse.

Risk to enterprises

The core issue with nOAuth is that attackers require only their own Entra tenant and the email address of a target user to potentially gain full access to that person's account in a vulnerable SaaS application. Traditional defences, including Multi-Factor Authentication (MFA), conditional access, and Zero Trust policies, do not mitigate this risk, because the weakness lies in the SaaS application's account mapping rather than in the victim's own sign-in. This presents a challenge for both developers and end-users.

As Eric Woodruff, Chief Identity Architect at Semperis, explained, "It's easy for well-meaning developers to follow insecure patterns without realising it and in many cases, they don't even know what to look for. Meanwhile, customers are left with no way to detect or stop the attack, making this an especially dangerous and persistent threat."

Through comprehensive testing of more than 100 Entra-integrated SaaS applications, Semperis identified that nearly 10% were susceptible to nOAuth exploitation. Once access is obtained via this vulnerability, attackers may exfiltrate data, maintain persistence, and potentially move laterally within the victim organisation's environment.

Detection and mitigation challenges

Detection of nOAuth abuse is exceptionally difficult, as successful attacks leave minimal traces within standard user activity logs. Deep correlation across both Entra ID and individual SaaS platform logs is required to identify potential breaches. Semperis' research indicates that exploitation continues to be possible, despite the initial public disclosure and vendor recommendations.

Highlighting the severity of the nOAuth issue, Woodruff added, "nOAuth abuse is a serious threat that many organisations may be exposed to. It's low effort, leaves almost no trace and bypasses end-user protections. We've confirmed exploitation is still possible in many SaaS apps, which makes this an urgent call to action. We encourage developers to implement the necessary fixes and help protect their customers before this flaw is exploited further."

Semperis has communicated its findings to both affected SaaS vendors and Microsoft, beginning in December 2024. Some vendors have taken steps to address the issue, while others reportedly remain vulnerable.

Industry response and recommendations

The Microsoft Security Response Center (MSRC) advises SaaS application vendors to implement its security recommendations regarding user identification and OpenID Connect integration. Firms failing to comply may risk removal from the Entra Application Gallery.

Semperis continues to focus on identity threat detection, with recent announcements regarding new detection features addressing other critical vulnerabilities such as BadSuccessor and Silver SAML. These findings exemplify ongoing risks within enterprise identity services, where configuration weaknesses in authentication protocols can present significant challenges for both software providers and their customers.

The nOAuth vulnerability underlines the importance of not only secure development practices but also continuous monitoring as enterprise reliance on SaaS and identity federation increases. Semperis' report calls for prompt action from SaaS vendors to update their authentication implementations to address this persistent risk.
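The account-mapping mistake described above, shown side by side with the recommended mapping, as an added illustration that is not Semperis', Microsoft's or any vendor's code. The two ID-token payloads are constructed: the tenant IDs, issuer URLs, subjects and the email address are placeholders, and the tokens are assumed to have already passed signature and audience validation. The insecure relying party keys accounts on the `email` claim, which a tenant administrator controls and which Entra does not guarantee is verified; the hardened one keys on issuer plus `sub`, the identifier OpenID Connect defines as stable within an issuer. The hardened store also records when a new identity presents an email that an existing account already holds, which is the kind of cross-tenant correlation signal the article says defenders currently lack.

```python
"""Relying-party identity mapping for an OIDC login, contrasting the nOAuth
anti-pattern (account keyed by the mutable `email` claim) with the recommended
practice (account keyed by issuer + subject). All data here is constructed."""

from dataclasses import dataclass, field
from typing import Callable

# Constructed, already-verified ID-token payloads (no real tenants or users).
# In Entra ID the issuer and `sub` identify the tenant and the user; the
# `email` claim is administrator-controlled and not guaranteed to be verified.
LEGIT_CLAIMS = {
    "iss": "https://login.microsoftonline.com/11111111-1111-1111-1111-111111111111/v2.0",
    "tid": "11111111-1111-1111-1111-111111111111",
    "sub": "subject-of-the-real-user",
    "email": "Victim@example.com",
}
# Token from a different tenant whose administrator set the same email on a
# user of their own. Everything except `email` differs from the legitimate token.
OTHER_TENANT_CLAIMS = {
    "iss": "https://login.microsoftonline.com/22222222-2222-2222-2222-222222222222/v2.0",
    "tid": "22222222-2222-2222-2222-222222222222",
    "sub": "subject-of-an-unrelated-user",
    "email": "victim@example.com",
}


def account_key_insecure(claims: dict) -> str:
    """The nOAuth anti-pattern: the mutable, unverified email claim is the account key."""
    return claims["email"].lower()


def account_key_secure(claims: dict) -> str:
    """OIDC practice: `sub` is only unique within its issuer, so key on both."""
    return f"{claims['iss']}|{claims['sub']}"


@dataclass
class RelyingParty:
    """Minimal account store for a SaaS app consuming Entra ID tokens."""
    key_for: Callable[[dict], str]
    accounts: dict = field(default_factory=dict)  # account key -> record
    alerts: list = field(default_factory=list)    # correlation signals for review

    def login(self, claims: dict) -> dict:
        key = self.key_for(claims)
        record = self.accounts.get(key)
        if record is None:
            email = claims.get("email", "").lower()
            # A new identity arriving with an email an existing account already
            # holds is the cross-tenant collision worth logging. With the insecure
            # key this branch is never reached for the colliding token; it is
            # simply matched to the existing account.
            clashes = [k for k, r in self.accounts.items() if r["email"] == email]
            if clashes:
                self.alerts.append(
                    {"email": email, "new_issuer": claims["iss"], "existing_keys": clashes}
                )
            record = {"key": key, "email": email, "tid": claims.get("tid")}
            self.accounts[key] = record
        return record


def demo() -> tuple[bool, bool, int]:
    """Returns (insecure_collides, secure_collides, secure_alert_count)."""
    insecure = RelyingParty(key_for=account_key_insecure)
    first = insecure.login(LEGIT_CLAIMS)
    second = insecure.login(OTHER_TENANT_CLAIMS)

    secure = RelyingParty(key_for=account_key_secure)
    third = secure.login(LEGIT_CLAIMS)
    fourth = secure.login(OTHER_TENANT_CLAIMS)
    return first is second, third is fourth, len(secure.alerts)


if __name__ == "__main__":
    insecure_collides, secure_collides, alert_count = demo()
    print(f"email-keyed store maps both tokens to one account: {insecure_collides}")
    print(f"issuer+subject-keyed store maps them to one account: {secure_collides}")
    print(f"collision alerts raised by the hardened store: {alert_count}")
```

The point of the comparison is that nothing about the second token is forged: it is a perfectly valid token from a tenant the relying party has no relationship with, which is why MFA and conditional access on the victim's side never come into play. Keying on issuer and subject makes the two tokens land on separate accounts, and the email-collision alert gives the SaaS side something concrete to forward to the customer for correlation with their own Entra sign-in logs.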


Miami Herald
24-06-2025
- Business
- Miami Herald
Microsoft's CEO Satya Nadella shares a terrifying reality
Very few executives see the world like Microsoft CEO Satya Nadella. He was actually a somewhat surprising pick when he was selected to replace Steve Ballmer. But since he got the job in 2014, he has made very few mistakes in a climate that has been rapidly changing.

Nadella quickly shifted the company's focus to the cloud, and he has embraced artificial intelligence without making it Microsoft's sole priority. Microsoft is one of the rare companies that has been able to reinvent itself. This didn't actually seem that likely during the Windows 8 debacle. At that time, it seemed like the company had given away its operating system advantage to Google's Android, while making a poor bet in buying Nokia for its phone business.

Most companies that stumble as badly as Microsoft never regain their footing. Take IBM, for example - the company still exists, but it's now a shell of what it once was.

You can argue that Nadella's Microsoft may exceed the heights of the Ballmer and Gates era. That's a stunning accomplishment, given how high the company had climbed and how quickly it fell. So when Nadella tells you what his biggest priority is, every company and individual should listen.

Sometimes a CEO tells you what matters without spelling things out fully. Nadella's recent comments suggest that he understands how dark and dangerous the digital world has become.

"Now on to security. Security is our top priority, and we have made significant progress against the engineering objectives we outlined 1.5 years ago as part of our Secure Future Initiative. We are now applying these learnings to deliver new innovation across our platform," he said.

You don't invest in security if you think the world is safe. Nadella isn't openly talking about the global bad actors trying to hack their way into every system imaginable, but his words suggest a deep understanding of the threats.

"Last month, along with our partners, we introduced Security Copilot agents to help defenders autonomously handle high-volume security and IT tasks informed by 84 trillion daily threat signals. We also added new capabilities to Defender, Entra, and Purview to help organizations secure and govern their AI deployments," he added.

This focus has also paid off for Microsoft.

"All up, we now have 1.4 million security customers, over $900,000, including EY Global, Manpower Group, TriNet, Regions Bank have four or more workloads, up 21% year-over-year. And in identity, Entra now has more than 900 million monthly active users," he shared.

While growing its business-to-business model, Microsoft has grown its direct-to-consumer focus under Nadella. That includes its LinkedIn platform.

"Over 1 billion professionals use LinkedIn to connect, learn, hire and sell, and our membership continues to grow at double-digits year-over-year. Time spent watching videos on the platform was up 36%, and comments were up 32% year-over-year. We're also seeing more members use AI to gain new skills and find jobs," he shared.

Nadella is also bullish over the company's search, media, and advertising products.

"More broadly, when it comes to advertising, we are transforming how people search, browse, discover content, and use AI as a personal assistant. With Copilot Search in Bing, we are reimagining search results with overview pages curated by AI, and embedded conversational capabilities. With Copilot Vision in Edge, Copilot sees what you see and gives you real-time responses while you browse," he explained.

The CEO sees Microsoft being able to offer a deeper level of personalization.

"With Copilot Discover, we are personalizing MSN experience based on user interactions and preferences. And with our updated Copilot app, we are focused on building daily engagement and successful sessions across a range of modalities, whether it is conversing, searching, shopping, or travel planning," he added.


Globe and Mail
29-05-2025
- Business
- Globe and Mail
Walmart Stock (WMT) Wobbles on Leak That it Prefers Microsoft to Google
Shares in retail giant Walmart (WMT) slipped 0.6% today despite reports that it is stepping up its use of AI.

Rock and Rolling With MSFT

The revelation that Walmart was looking at using Microsoft's (MSFT) Entra and AI Gateway services came as a result of a mistake at a talk by the tech giant's head of security for AI. Neta Haiby revealed confidential messages about Walmart's plans at a Build talk after the livestream was interrupted by pro-Palestine protesters. After the protesters were escorted out, the livestream session restarted and the sensitive messages were seen on Microsoft Teams.

"Walmart is ready to rock and roll with Entra Web and AI Gateway," said one of Microsoft's cloud solution architects in the Teams messages. The chat session also quoted a Walmart AI engineer, saying: "Microsoft is WAY ahead of Google (GOOGL) with AI security. We are excited to go down this path with you."

Walmart is already a major Microsoft customer using the company's Azure OpenAI service for some of its AI work.

Game-Changing AI

According to Microsoft, Entra offers users secure access for their workforce, workload, and customer identities to multicloud and on-premises resources. In its website blurb, it offers users the chance to take advantage of game-changing generative AI, risk-based access policies, and phishing-resistant, password-free authentication to block attacks and protect your workforce, customers, and machine identities.

Cyber attacks on retailers are in the news with the U.K.'s Marks & Spencer reeling from a recent and still ongoing hit which is likely to cost it £300 million in lost profits.

An AI Gateway can help streamline the integration of multiple AI models. This is an area Walmart is keen to invest in, including operationally in the production of clothes and to boost customer service.

Is WMT a Good Stock to Buy Now?

On TipRanks, WMT has a Strong Buy consensus based on 28 Buy and 2 Hold ratings. Its highest price target is $120. WMT stock's consensus price target is $109.31, implying a 12.62% upside.