Office 365 for IT Pros

Office 365 for IT Pros

https://office365itpros.com

Office 365 for IT Pros is the world's best book about Office 365 architecture, management, and deployment. Written by a team of highly experienced Microsoft MVPs, Office 365 for IT Pros is refreshed monthly.

Azure AD Moves to Block OAuth App Hijacking

Published

Azure AD Moves to Block OAuth App Hijacking

The new Azure AD app property lock feature (in preview) prevents attackers updating the credentials for an Azure AD enterprise app so that they can get an access token and exploit the app's permissions. This technique has been used in several attacks, notably the infamous SolarWinds exploit in 2021. The app property lock is not mandatory and it's important to keep on checking the audit log to make sure that attackers don't creep into your tenant.

Continue to website...

More from Office 365 for IT Pros