Cyber Security Headlines

Microsoft Entra lockouts, wine tasting malware, job scam solution

Apr 21, 2025

08:23

Creator website

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The rollout of the Microsoft Entra MACE credential revocation app led to widespread account lockouts due to false positives in detecting credential leaks.

A sophisticated scam using malware via NFC technology exploits fraudulent bank alerts, tricking victims into providing sensitive card information for immediate theft.

Deep dives

Mass Account Lockouts Due to Microsoft Entra Update

A recent rollout of a new security feature in Microsoft Entra ID, specifically the MACE credential revocation app, caused widespread account lockouts across various organizations. The app triggered false positives in detecting leaked credentials, leading to the locking out of users who had unique passwords and multi-factor authentication in place. Reports indicated that over 20,000 notifications were sent to a managed detection and response provider due to the false alerts, illustrating the extensive reach of the issue. Microsoft acknowledged that the problem stemmed from the MACE app rollout, highlighting the challenges organizations face when implementing security updates.

Intro

2min

Cybersecurity Threats: Hidden Extensions and WebEx Vulnerabilities

3min

Critical Cyber Threats and Vulnerabilities Unveiled

3min

Widespread Microsoft Entra lockouts cause by new security feature rollout

Malware delivered through diplomatic wine-tasting invites

British companies told to hold in-person interviews to thwart North Korea job scammers

Huge thanks to our sponsor, Dropzone AI

Growing your MSSP client roster while your alerts are multiplying? Dropzone AI works alongside your team, investigating alerts just like your best human analysts would. Our AI SOC Analyst cuts investigation time from an hour to minutes while handling five times more alerts per analyst. Unlike complex SOAR solutions, Dropzone deploys quickly and adapts to your environment without the need for playbooks or coding. Eliminate backlogs, reduce false positives, and deliver the detailed investigations your clients expect. Ready to scale your MSSP without scaling your team? Meet us at booth ESE-60 at RSA.

Find the stories behind the headlines at CISOseries.com.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Cyber Security Headlines

Microsoft Entra lockouts, wine tasting malware, job scam solution

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Mass Account Lockouts Due to Microsoft Entra Update

Innovative Scamming Techniques Targeting Payment Cards

Remember Everything You Learn from Podcasts