All news with #microsoft entra id tag

HP Pulls Update That Broke Entra ID Auth on AI PCs

⚠️ HP has pulled an over-the-air update to HP OneAgent for Windows 11 after a cleanup script removed Microsoft certificates required for some organizations to authenticate to Microsoft Entra ID. The silent update deployed on HP AI PCs ran package SP161710 and an install.cmd that deleted any certificate containing the substring "1E", producing false positives. Affected devices disconnected from Entra ID/Intune; HP says the update is no longer available and is assisting impacted customers.

Harden Identity Defense: Richer Context and Correlation

🔒Microsoft outlines expanded Identity Threat Detection and Response (ITDR) capabilities designed for modern, hybrid environments. The post highlights general availability of unified identity and endpoint sensors, broad on‑premises sensors for Domain Controllers, AD FS, and AD CS, and native integration with Microsoft Entra ID. It emphasizes an identity‑centric approach that correlates accounts across platforms, integrates with PAM, and links identity signals into Defender XDR to enable contextualized alerts, coordinated response, and automatic attack disruption across devices and sessions.

Microsoft Security Store Unites Partners and Innovation

🔐 Microsoft Security Store, released to public preview on September 30, 2025, is a unified, AI-powered marketplace that lets organizations discover, buy, and deploy vetted security solutions and AI agents. Catalog items — organized by frameworks like NIST and by integration with products such as Microsoft Defender, Sentinel, Entra, and Purview — address threat protection, identity, compliance, and cloud security. Built on the Microsoft Marketplace, it provides unified billing, MACC eligibility, and guided automated provisioning to streamline deployments.

Microsoft and Oracle Expand Oracle Database@Azure Reach

🚀 Microsoft and Oracle have expanded Oracle Database@Azure with broader regional coverage and support for Oracle Database 19c and 23ai, plus full support for Base Database, Exadata (Dedicated and Exascale), and Autonomous Database. The update introduces continuous zero-ETL mirroring into OneLake via Oracle GoldenGate and native integrations with Microsoft Fabric, enabling real-time analytics with Copilot Studio, Azure AI Foundry, and Power BI. Security and operational management are strengthened through Microsoft Defender, Microsoft Sentinel, Entra ID, and Azure Arc, while Azure Accelerate for Oracle and marketplace programs streamline migrations and partner engagement.

Securing Agentic AI: Microsoft Ignite Security Guide

🔒 Microsoft Ignite 2025 highlights security-focused sessions and hands-on labs tailored for practitioners and leaders. Join in San Francisco Nov 17–21 (or online Nov 18–20) for briefings, demos, and instructor-led labs covering Microsoft Security Copilot, Sentinel, Defender, Entra, and Purview. A Security Forum (Nov 17) and keynote segments led by senior security executives will explore designing, governing, and protecting agentic AI across the lifecycle.

Google: Brickstorm malware stole data from U.S. orgs

🔒 Google researchers warn that the Go-based Brickstorm backdoor was used in prolonged espionage against U.S. technology, legal, SaaS, and BPO organizations, averaging a 393-day dwell time. Suspected activity from the UNC5221 cluster involved deploying the malware on appliances lacking EDR protection such as VMware vCenter/ESXi, where it acted as a web server, SOCKS proxy, file dropper, and remote shell. Operators used techniques like a malicious Java Servlet Filter (Bricksteal), VM cloning, and startup-script modifications to capture credentials and move laterally, then tunneled to exfiltrate emails via Microsoft Entra ID Enterprise Apps. Mandiant published a scanner and YARA rules to aid detection but cautions it may not catch all variants or persistence.