Adnan #InTheCloud

😳 Palo Alto Networks lays off hundreds of CyberArk employees one day after completing $25 billion acquisition calcalistech.com/ctechnews/arti…

Microsoft is auto-enabling passkeys in March 2026. No opt-in required. If you don’t configure it first… your tenant gets the defaults. I sat down with Microsofty Security MVPs @DanielatOCN and @WelkasWorld. We break down: 1️⃣ Passkey Profiles Are Becoming the Default → Starting March 2026: → Passkey profiles will be auto-enabled → Tenants that haven’t configured profiles will be migrated → Registration campaigns will shift from Authenticator-first to passkey-first 2️⃣ Source of Authority Conversion Is Finally GA For years, admins used messy delete-and-restore hacks to convert synced users to cloud-only. → Now it’s officially supported. → You can convert individual users from on-premises authority to cloud-managed — without breaking hybrid entirely. Why this matters: → Easier M&A transitions → Full access to Entra ID Governance features → Cleaner lifecycle management → Reduced dependency on legacy infrastructure --------------------- Sponsored by: Action1 on.action1.com/entrachat Action1 is a cloud-native patch management platform for Windows, macOS, Linux, and third-party apps — all from one place, no VPN needed. Curious how easy it is to start? You can use it on your first 200 endpoints, for free, forever, with no functional limits. It’s not a disguised free trial. No credit card required, no hidden limits, no tricks. Visit on.action1.com/entrachat and get started today. --------------------- 3️⃣ App Registration Deactivation (A Quietly Powerful Feature) → Microsoft added the ability to deactivate app registrations. → Instead of deleting an app (and losing configuration), you can now: → Immediately stop token issuance → Preserve metadata and permissions → Investigate safely → For incident response scenarios — especially in multi-tenant or MSP environments — this is a big step forward. 4️⃣ Conditional Access Behavior Changes → There’s also a change impacting tenants with Conditional Access policies targeting “All resources” but excluding certain apps. → Previously, certain minimal-scope apps could bypass enforcement under specific conditions. → That loophole is closing. 5️⃣ Sync Security Hardening (Hard Match Protection) → Microsoft is adding additional validation to protect against malicious hard matching scenarios in hybrid environments. → This reduces the risk of identity takeover via manipulated on-prem objects. → It’s automatic — but important to understand if you manage hybrid identity or MSP transitions. Watch the full episode for the deep technical breakdown and real-world implications. entra.news/p/microsoft-is…

🚀 Speaker Announcement! Excited to welcome Patrick van den Born to WP Ninja Connect on 4 Feb 2026! Patrick is a recognised expert in Azure Virtual Desktop and workplace virtualization, bringing strong technical and field experience. 🔗 lnkd.in/etS4pp4w 🥷🏼 #WPNinjasNL

Guilty 👆

NEW: You can now enable the Microsoft Defender for Office (Email Security) AIR feature to automatically remove malicious messages based on multiple similar attributes here: XDR Portal: security.microsoft.com/securitysettin… Docs: learn.microsoft.com/en-us/defender…

🛑 SonicWall patched an actively exploited flaw in SMA 100 series appliances. CVE-2025-40602 lets attackers escalate privileges via the management console and was chained with a prior bug for root access. Patches are now out for affected versions. 🔗 Read → thehackernews.com/2025/12/sonicw…

Every place an IT admin enters or stores their credentials is a potential place for them to be stolen and abused for ransomware, data theft, and more. For guidance on how to secure privileged access, see aka.ms/SPA

🛑 WARNING: CVE-2025-20393 is rated 10.0, with no patch available. Cisco confirmed active exploitation of an AsyncOS zero-day by a China-linked APT. The flaw allows root-level command execution on affected email security appliances and enables attackers to establish persistence. 🔗 Details and mitigations → thehackernews.com/2025/12/cisco-…

#Windows365 We are introducing a new “Region Group” location tier that will sit between the current geography and region locations techcommunity.microsoft.com/blog/windows-i…

Alleged @Pornhub data breach. How damaging could someone’s porn browsing history be? reuters.com/world/americas…

Discover the new features and updates for Copilot in the special November and December issue of the What's New in Copilot blog! msft.it/6010tWcce

Another Learning Opportunity! 9 Reasons of Protecting Your Network from Cyber Attacks charbelnemnom.com/protecting-you… #Microsoft #Azure #Blog > Please RP if you like it!

@NathanMcNulty Tut tut tut 🫢🤔

I hereby apologise to CISSPs, or NIST, or I don't even know... 🤷‍♂️

Is your corporate browser aligning with #Security standards? With #MSIntune and #MSEdge browser set the compliance standards for your organization learn.microsoft.com/en-us/intune/i…

Most exploitation activity related to the CVE-2025-55182 vulnerability affecting React Server Components, Next.js, and related frameworks originated from red teams assessments, but observed exploitation attempts by threat actors deliver various payloads. msft.it/6011tmKSF This pre-authentication remote code execution (RCE) vulnerability (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) could allow attackers to execute arbitrary code on vulnerable servers through a single malicious HTTP request. In this blog, Microsoft Defender researchers share insights and detailed analysis of observed exploitation activity, as well as mitigation, detection, and hunting guidance. Further investigation towards providing stronger protection measures is in progress, and the blog will be updated when more information becomes available.

Get complete visibility into agent activity, permissions, and security across Microsoft 365 and external platforms with Microsoft Agent 365. Check it out. youtu.be/yWwYLbMvc3s Bring AI agents directly into your daily workflows with Microsoft Agent 365. Agents have their own identity, email, OneDrive and Teams presence, and collaborate just like coworkers. Onboard agents, give them the policies and knowledge they need, and let them work in parallel with you to handle procurement, approvals, research, and updates using the same Microsoft 365 tools you already rely on. #Agent365 #aiagents #copilot #microsoft365 #microsoft

.@Office365 Microsoft is rolling out baseline security recommendations to #Microsoft365 tenants. Like any set of recommendations, it's wise to review settings before putting them into practice. office365itpros.com/2025/12/15/bas…

🎬 The aftermovie of our last WPNinjasNL meetup of 2025 is live! Huge thanks to @NACBreda for hosting, Proxsys for sponsoring, our speakers for sharing knowledge, and everyone who joined us 🙌 🎥 youtu.be/JKIlOOQHotA #WPNinjasNL #Community

🚀 Speaker Announcement! Proud to welcome Ken Goossens, Product Manager for Windows at Microsoft, to WP Ninja Connect on 4 Feb 2026! 🙌 🔗 Event info: lnkd.in/etS4pp4w More speakers coming soon 👀🥷🏼

Hardening the Hypervisor: Practical Defenses Against Ransomware Targeting ESXi huntress.com/blog/hyperviso…