Latest news with #EntraID
Forbes
13-06-2025
- Forbes
Microsoft Users Warned Of Ongoing Password Spraying Attack — Act Now
Microsoft users under attack from password spraying hackers. As Microsoft users continue to be warned about hackers targeting everything from Windows Secure Boot vulnerabilities to Outlook emails and Windows Server zero-days, the last thing you probably want to hear is yet another warning regarding an ongoing cyberattack against Microsoft accounts. Yet here we are, and you need to take this one very seriously indeed, as thousands of Entra ID accounts are being bombarded with a password spraying attack from a group known as SneakyStrike. With billions of compromised passwords to use as ammunition by automatic hacking machines, the time to sit up and take notice is right now. Let's get serious here: one of the worst types of cybersecurity warning you can get is concerning what is known within the industry as an ATO. Let me spell that out for you: Active. Account. Takeover. And that, I'm sorry to say, is what we have here. Threat researchers working at Proofpoint have confirmed just such an ATO, targeting Microsoft Entra ID accounts and having success in compromising victim organizations. Attributed to an attack group called SneakyStrike, also known as SneakyChef which has a history of government-level espionage campaigns, the researchers said that the ongoing Microsoft cyberattack has already 'affected over 80,000 targeted user accounts across hundreds of organizations, resulting in several cases of successful account takeover.' The attackers are using a penetration testing platform to strike, leveraging both Microsoft Teams and Amazon Web Services servers across multiple geographical locations. What they have in common is that all the attacks involve user enumeration and password spraying at scale. This, the research report said, has led to SneakyStrike actors exploiting access to applications, including Microsoft Teams, OneDrive, and Outlook. This ongoing attack leaves hundreds of organisations vulnerable, Eric Woodruff, chief identity architect at Semperis, warned. 'In response to this threat and cloud services attacks,' Woodruff told me, 'organizations need to adopt a multi-layered, identity-first security approach, and mitigation efforts should centre around reducing their attack surface, increasing visibility, and enforcing strong access controls.' Remember that such password spraying attacks rely upon the accounts being targeted for compromise not having adequate login protection. Specifically, using common passwords or those that are created using a systematic variation within an organization. Both of these password types should be replaced with strong passwords that are not reused or found within commonly available stolen password databases. Do not act now, and you could be the latest Microsoft victim of SneakyStrike. You have been warned.
Yahoo
12-06-2025
- Business
- Yahoo
Okta's Backlog Tops $4B on Strong Identity Security Demand
Okta's OKTA Remaining Performance Obligations (RPO) or subscription backlog surged to $4.084 billion in the first quarter of fiscal 2026, marking a 21% year-over-year increase. More importantly, current RPO jumped 14% year over year to $2.23 billion, highlighting the company's strong forward 12-month revenue visibility. This significant backlog growth reflects sustained enterprise demand for OKTA's identity security solutions, as organizations prioritize secure access in increasingly complex IT company benefits from strong demand for its new products, including Identity Governance, Privileged Access, Device Access, Fine Grained Authorization, Identity Security Posture Management and Identity Threat Protection with Okta AI. Okta's Identity Security Posture Management and Privileged Access solutions are helping enterprises tackle non-human identities that comprise service accounts, shared accounts, machines and the second quarter of fiscal 2026, OKTA projects current RPO growth in the range of 10% to 11%. While the guidance reflects a slightly cautious outlook amid ongoing macroeconomic headwinds, it still indicates resilient demand and solid revenue visibility. As identity and access management becomes a top priority for enterprises, Okta faces stiff competition from seasoned players like CyberArk Software CYBR and Microsoft leads in Privileged Access Management, offering advanced tools like credential vaulting and threat analytics. With its acquisition of Zilla Security, it's expanding into automated Identity Governance. This move strengthens CyberArk's Identity Security Platform, boosting compliance and efficiency. Microsoft's Entra ID poses a significant challenge by offering a fully integrated Identity and Access Management solution, including Single Sign-On, Multi-Factor Authentication, Conditional Access and Identity Protection. Shares of Okta have appreciated 27.7% year to date compared with the Zacks Security industry's return of 19.9%. Image Source: Zacks Investment Research Okta currently trades at a premium, with a forward Price/Cash Flow ratio of 23.83, higher than the broader Zacks Computer & Technology sector's 20.4X. OKTA has a Value Score of D. Image Source: Zacks Investment Research The Zacks Consensus Estimate for OKTA's 2026 revenues is pegged at $2.86 billion, indicating 9.44% year-over-year growth. The consensus mark for earnings is pegged at $3.28 per share, which increased 2.8% over the past 30 days. The earnings figure suggests 16.73% growth over the figure reported in fiscal 2025. Image Source: Zacks Investment Research OKTA stock currently carries a Zacks Rank #2 (Buy). You can see the complete list of today's Zacks #1 Rank (Strong Buy) stocks here. Want the latest recommendations from Zacks Investment Research? Today, you can download 7 Best Stocks for the Next 30 Days. Click to get this free report Microsoft Corporation (MSFT) : Free Stock Analysis Report CyberArk Software Ltd. (CYBR) : Free Stock Analysis Report Okta, Inc. (OKTA) : Free Stock Analysis Report This article originally published on Zacks Investment Research ( Zacks Investment Research
Techday NZ
09-06-2025
- Business
- Techday NZ
Semperis adds detection for dMSA attacks in Windows Server
Semperis has announced new detection capabilities in its Directory Services Protector platform in collaboration with Akamai to address the "BadSuccessor" privilege escalation technique in Windows Server 2025. BadSuccessor targets a new Windows Server 2025 feature called delegated Managed Service Accounts (dMSAs), which was designed to improve service account security. Researchers at Akamai have shown that attackers can exploit dMSAs to impersonate highly privileged users, such as Domain Admins, within Active Directory. At present, there is no patch available to address this vulnerability. Service accounts, including dMSAs, often operate with extensive or unmonitored privileges, creating potential security risks for enterprises. The exploitation method uncovered by Akamai highlights ongoing challenges in securing service accounts and preventing unexpected attack vectors within large organisations. In response, Semperis has updated its Directory Services Protector platform to include one new Indicator of Exposure and three Indicators of Compromise aimed at detecting abnormal dMSA activity. These enhancements will enable security teams to identify excessive delegation rights, malicious connections between dMSAs and privileged user accounts, and attacks directed at sensitive accounts such as KRBTGT. "Semperis moved quickly to translate the vulnerability into real-world detection capabilities for defenders, demonstrating how collaboration between researchers and vendors can lead to rapid, meaningful impact. The abuse of service accounts is a growing concern, and this high-profile vulnerability is a wake-up call," said Yuval Gordon, Security Researcher at Akamai. "Service accounts remain one of the least governed yet most powerful assets in enterprise environments. This collaboration with Akamai allowed us to close detection gaps fast and give defenders visibility into a deeply complex area of Active Directory that attackers continue to exploit," said Tomer Nahum, Security Researcher at Semperis. The vulnerability is present in any organisation that operates at least one domain controller running Windows Server 2025. According to Semperis, a single misconfigured domain controller can place the entire environment at risk. Until vendors release an official patch, organisations are encouraged to audit dMSA permissions and use detection tools to monitor for misuse. Semperis is reinforcing cybersecurity for enterprises by protecting critical identity services that underpin hybrid and multi-cloud environments. Purpose-built for securing complex identity infrastructures — including Active Directory, Entra ID, and Okta — Semperis' AI-powered platform safeguards more than 100 million identities from cyberattacks, data breaches, and operational missteps. Headquartered in Hoboken, New Jersey, the privately held international company supports major global brands and government agencies, with customers spanning over 40 countries. Beyond its core technology offerings, Semperis is recognized for its commitment to the cybersecurity community. The company sponsors a range of industry resources, including the award-winning Hybrid Identity Protection (HIP) Conference, the HIP Podcast, and free identity security tools such as Purple Knight and Forest Druid. With its dual mission to protect digital infrastructure and empower the security community, Semperis continues to play a pivotal role in advancing global cyber resilience. Follow us on: Share on:
Channel Post MEA
06-06-2025
- Business
- Channel Post MEA
Varonis Enhances Data Security Platform
Varonis Systems has announced Varonis Identity Protection, the latest enhancement to its Data Security Platform that gives organizations unified visibility and control of data and identities. Most identity security tools operate in a vacuum — with no understanding of the critical data each identity can access or how they're accessing it. Varonis connects the dots between identities and data, helping organizations automatically reduce access to their most sensitive data, fix identity posture issues, and stop identity-based threats — including those originating from insiders, stolen credentials, and AI tools and agents. Unlike traditional identity products, Varonis understands the blast radius of every identity — showing how much data would be exposed if an identity were compromised. Varonis Identity Protection distinguishes between human and non-human identities, classifies them as internal, guest, external, or privileged, and monitors how they interact with data to detect anomalies. 'Identity and data are deeply intertwined — securing one without the other leaves dangerous gaps,' said Varonis CEO, President, and Co-Founder Yaki Faitelson. 'By unifying identity and data security, Varonis gives customers the context they need to better ensure identity threats don't become data breaches.' Key Capabilities of Varonis Identity Protection: Machine Learning-Based Identity Classification: Varonis integrates with Entra ID, Okta, Active Directory, and others to map user accounts across environments. Using machine learning, Varonis auto-classifies identities — tagging executives, privileged users, service accounts, non-human identities, and more. Varonis integrates with Entra ID, Okta, Active Directory, and others to map user accounts across environments. Using machine learning, Varonis auto-classifies identities — tagging executives, privileged users, service accounts, non-human identities, and more. Peer Analysis & User Behavior Analysis: Varonis continuously analyzes peer behavior to detect anomalies in identity usage, flagging deviations from normal patterns to surface risky activity earlier. Identity Threat Detection & Response (ITDR): Varonis monitors identity providers for signs of compromise, alerting on suspicious logins, password resets, MFA changes, and policy updates — in context with each account's data access activity. Identity Posture Management With Automated Remediation: Varonis flags stale contractor accounts, excessive permissions, and missing MFA — then automatically remediates risks by revoking access, removing entitlements, and eliminating ghost accounts. Varonis was recently named a Leader in Identity Threat Detection and Response by GigaOm, recognizing the platform's advanced detection and automated response capabilities. These identity capabilities also enhance Varonis Managed Data Detection and Response (MDDR), enabling our expert analysts to detect and respond to a broader range of threats faster and more effectively across customer environments.
Yahoo
04-06-2025
- Business
- Yahoo
RSA Announces New Windows Desktop Login and Entra ID Passwordless Solutions
LAS VEGAS, June 04, 2025--(BUSINESS WIRE)--RSA, the security-first identity leader, announced new innovations that expand RSA's complete passwordless solutions, including support for Microsoft Entra ID-joined desktops and legacy, RADIUS-based environments at Identiverse today. These innovations help organizations accelerate deployment of phishing-resistant passwordless solutions across their entire environment, reducing risks, modernizing authentication, and driving efficiency. Available as part of RSA® ID Plus, the only complete passwordless identity security platform, new passwordless features include: Passwordless support for Windows Desktop Login and Entra ID: ID Plus now supports mobile passkeys and QR codes to complete Windows log-in. ID Plus will add Entra ID support in July. One-step enrollment process: Starting in July, users will be able to enroll new RSA mobile passkeys and other RSA MFA methods via a one-step enrollment process that eliminates delays and reduces help desk support costs. Code matching for RADIUS: Organizations operating in RADIUS environments can now deploy code matching to reduce the risk of prompt bombing and ensure legacy architecture stays operational. These new passwordless enhancements are fortified by deep security innovations that extend organizations' defenses and protect against post-passwordless threats. The newly-announced RSA Help Desk Live Verify (patent pending), only available through ID Plus, uses passwordless bi-directional identity verification to stop help desk scams like the recent attacks on Marks & Spencer, Christian Dior, Co-Op, and MGM Resorts. RSA Mobile Lock secures the authentication process itself by scanning devices for app tampering, malware, sideloading, jailbreaking, and AiTM attacks. "Not all passwordless is created equal: government agencies, finance, energy and healthcare providers, and other security-first organizations need a passwordless solution for all users, environments, and devices," said RSA CEO Rohit Ghai. "Moreover, to defend against emerging threats, organizations must integrate passwordless into an identity security platform that provides full visibility into user access while constantly assessing identity security posture. Cyberattacks start wherever organizations' security capabilities end, which is why high-security organizations rely on RSA for a complete identity security platform that stops phishing, malware help desk scams, ransomware, and other attacks before they start." Identiverse attendees are invited to demo these new solutions at booth #342. Resources: Book a meeting with RSA at Identiverse RSA Governance & Lifecycle Advanced Dashboards solution brief RSA passwordless solution brief RSA Mobile Lock data sheet Try RSA ID Plus About RSA RSA provides mission-critical cybersecurity solutions that protect the world's most security-sensitive organizations. The RSA Unified Identity Platform provides true passwordless identity security, risk-based access, automated identity intelligence, and comprehensive identity governance across cloud, hybrid, and on-premises environments. More than 9,000 high-security organizations trust RSA to manage more than 60 million identities, detect threats, secure access, and enable compliance. For additional information, visit our website to contact sales, find a partner, or learn more about RSA. View source version on Contacts teamrsa@
