24 - Microsoft Graph scopes giving attackers high hopes

02/15/24 • 57 min

In this episode we talk about the Midnight Blizzard attack on Microsoft, which turns into a rather detailed discussion on Microsoft Graph scopes and their wide permissions. Also, how many Copilot products does Microsoft have now? And how hyper-scale is Azure really?

Previous Episode

23 - So much new stuff and some other fluff

As it has been a while since last episode, there is a lot of news to cover!
- The final details about Storm 0558 has been published
- Microsoft and Oracle Expand Partnership to Deliver Oracle Database Services on Oracle Cloud Infrastructure in Microsoft Azure
- Microsoft Fabric
- Microsoft 365 Copilot in GA November 1st
- Bicep support for Entra ID
- Azure Updated Manager GA
- Delegate Azure RBAC assignments with conditions- Azure VNET Flow Logs
- Terraform licensing and OpenTOFU
- Entra ID Device-bound passkeys as an authentication method (Said syncable passkeys in the Episode, which is not correct, sorry about that!)
And more... :) Enjoy!

Next Episode

25 - Google Next, Copilot for Security and Passkeys

In this episode we talk about news from Google Next, Entra External ID, Passkeys and Copilot for Security. Is Entra External ID, which will be GA in two weeks, ready to replace Azure AD B2C? How do passkeys really work? And, who is Copilot for Security really for?