Loading...

Azure AD Moves to Block OAuth App Hijacking

Azure AD Moves to Block OAuth App Hijacking

The new Azure AD app property lock feature (in preview) prevents attackers updating the credentials for an Azure AD enterprise app so that they can get an access token and exploit the app's permissions. This technique has been used in several attacks, notably the infamous SolarWinds exploit in 2021. The app property lock is not mandatory and it's important to keep on checking the audit log to make sure that attackers don't creep into your tenant.

Published on: March 03, 2023

Office 365 for IT Pros

Office 365 for IT Pros

Office 365 for IT Pros is the world's best book about Office 365 architecture, management, and deployment. Written by a team of highly experienced Microsoft MVPs, Office 365 for IT Pros is refreshed monthly.

Share post:

Related posts

Integrate Dataverse Azure solutions – Part 2

Dataverse that help streamline your integrations, such as Microsoft Azure Service Bus, Microsoft Azure Event Hubs, and Microsoft Azure Logic A...

9 hours ago

Dynamics 365 CE Solution Import Failed in Azure DevOps Pipelines

Got the below error while importing Dynamics CRM Solution via Azure DevOps Pipeline. 2024-12-18T23:14:20.4630775Z ]2024-12-18T23:14:20.74...

1 day ago

Dedicated SQL Pool and Serverless SQL in Azure: Comparison and Use Cases

Table of Contents Introduction Azure Synapse Analytics provides two powerful SQL-based options for data processing: Dedicated SQL Pools and Se...

1 day ago

Training and fine-tuning your large AI models using Azure Blob Storage

2 days ago

Bring your data to AI applications – RAG with Azure Blob Storage

2 days ago

Wrtn Azure OpenAI Service Customer Story

2 days ago

Innovative Legal Solutions: Harvey's AI Platform and Azure OpenAI Service

2 days ago

Azure SQL ❤️ Python!

I recently presented at Python Day 2024 on Langchain integration. I created a slide deck that I believe can be useful beyond just the session,...

3 days ago

Azure Function Isolated Worker : Avoid comments in the Host file

As a .NET developer, the yearly release cycle is always one of my most anticipated event. This years edition is no exception, as it brings .NE...

3 days ago

Integrate Dataverse Azure Solutions – Part 1

Azure comes with a variety of other solutions, which can also be integrated with Dataverse. Dataverse that help streamline your integrations, ...

4 days ago

Blog image

Office 365 for IT Pros

Office 365 for IT Pros is the world's best book about Office 365 architecture, management, and deployment. Written by a team of highly experienced Microsoft MVPs, Office 365 for IT Pros is refreshed monthly.

Learn more

More from this blog

The Confusing Renaming of Microsoft 365 Copilot

Microsoft loves branding exercise. At least, that can be the only reason why the Microsoft 365 Copil...

Blocking Microsoft 365 Copilot From Making Inferences in Teams Meetings

The Copilot inference and evaluation policy controls if users can ask Copilot in Teams to evaluate t...

Processing Microsoft 365 Retention Labels with the Microsoft Graph PowerShell SDK

Two types of retention labels are in use: Microsoft 365 retention labels and MRM retention tags. Cli...

Microsoft Proposes a Horrible Change for the Search-UnifiedAuditLog Cmdlet

On December 12, Microsoft said that they want to make the Search-UnifiedAuditLog cmdlet use high com...

Teams Gets Resizable Windows and More Pop-Out Panes

In January 2025, Microsoft will introduce resizable Teams windows for the Windows and Mac desktop cl...

Microsoft 365 Users to Get the Org Explorer in Outlook

Microsoft originally were going to license the Outlook Org Explorer to E3 and E5 users. Then they ha...

Configure Sensitivity Labels to Block Document Downloads from SharePoint

The SharePoint Online Block Download Policy controls the ability to use features that rely on downlo...

February Deadline Looms for Legacy Exchange Tokens Used in Outlook Add-Ins

A February 2025 deadline looms for Outlook classic add-ins that use legacy Exchange tokens for authe...

New Option Available to Update Microsoft 365 User Profile Details

The scheduled retirement of Delve on December 16, 2024, meant that Microsoft had to create a new way...

Microsoft Kills Viva Goals

Microsoft's announcement of the Viva Goals retirement came as a complete surprise to the customers u...

Relevant topics:

Azure

Stay up to date with latest Microsoft Dynamics 365 and Power Platform news!

* Yes, I agree to the privacy policy