Entra 🆔 News #84 → This week in Microsoft Entra
Learn about device code phishing and how you can block it 🎣, common risk-based Conditional Access policy misconfigurations 🤔, and more! 🎉
Hi everyone,
Merill and Joshua here with this week's Microsoft Entra news roundup.
Important Security Alert: Microsoft Threat Intelligence has issued a warning about cyberattacks from the Storm-2372 group. They are targeting governments, NGOs, and various industries globally. Check out the Microsoft post for full details.
We've also re-shared a post from last year explaining device code flow and how to use conditional access policies to block them.
Enjoy!
Sponsored by:
EasyEntra: Consolidated Hybrid Microsoft 365 Management
Managing Microsoft 365 and hybrid AD doesn’t have to be slow and complex. EasyEntra streamlines user administration into a single, intuitive console and enables first-level IT support to resolve tickets quickly, consistently, and without escalating to senior IT. With EasyEntra, you can save time, reduce complexity, and improve service delivery.
✅ Unified Hybrid Management – Seamlessly manage Entra ID and on-prem AD in one console.
✅ Fast & Responsive UI – Perform user admin tasks at the speed of your thought.
✅ User Lifecycle Automation – Streamline user onboarding and offboarding with consistent automation.
✅ Freemium Version – Manage any number of small tenants (< 25 licensed users) side-by-side completely free.
✅ No Infrastructure Changes – Install and configure in less than one minute.
⚡️ Microsoft
📖 Read
Storm-2372 conducts device code phishing campaign • Microsoft Threat Intelligence
📺 Watch
Microsoft Entra Health Monitoring Introduction (18 min) • Sarah Baranowski, Shreyes Nama Shankar
425 Show | Onboarding to Intune macOS and Protecting with Entra Solutions (62 min) • Neil Johnson, Iris Yuning Ye
📆 Upcoming Events
New webinar series: How to secure access for your employees with the Microsoft Entra Suite • Amelie Darchicourt
From the community…
🚀 Most popular posts from last week
Entra configurations you MUST do! • Julian Rasmussen
Automating Azure PIM Role Elevation with PowerShell • Øystein
Windows Hello for Business: Enhanced Sign-in Security • Nicklas Ahlberg
☀️ Learn
⛑️ ID Protection
👮♂️ ID Governance
🌐 Private Access & Internet Access (GSA)
Secure Remote Desktop Services with Microsoft Entra Application Proxy • Liam Robinson
Self-Service for Web Content Filtering Exceptions in Global Secure Access • Christian Frohn
📦 Apps
Microsoft Graph Bicep – Part 1 • Michele Blum
Practical Graph: Controlling App Access to SharePoint Online Sites • Tony Redmond
Introduction to Entra ID multi-tenant applications • Twan van Beers
Bicep for graph resources • Maik van der Gaag
Securing API to API calls in Azure with Entra and API Management • Dan Rios
🔑 Authentication
Passkey Implementations: How to Do It Right • Dr. Emin Huseynov
👥 User & Group Management
Build your own user onboarding automation – Entra ID user account creation • Peter Klapwijk
How to Use Bulk User Operations in Entra Admin Center • Tony Redmond
New bulk edit features for users in Microsoft Entra ID • Daniel Bradley
Use Protected Actions to Stop Attackers Hard-Deleting Entra ID Accounts • Tony Redmond
🤖 DevOps & PowerShell
Microsoft Graph PowerShell SDK Needs to Fix Its Password Problem • Tony Redmond
Manage Guest Users in Microsoft 365 with PowerShell • Ali Tajran
A Mini Dive into the Microsoft Entra PowerShell Module: An Intune Administrator’s Perspective • Ben Whitemore
🚦 Conditional Access
The Main Reason You Shouldn't Exclude Break Glass By Group in Conditional Access • Jay Kerai
Conditional Access Framework (2025.2.3) • Joey Verlinden
Always On VPN and Entra Conditional Access • Richard M. Hicks
Protected Actions: Adding Extra Guards to Your Entra ID Gate! • Per-Torben Sørensen
Protected Actions – Protect Hard Deletions of Objects • Rudy Mens
🖥️ Devices
Configuring Windows LAPS – Niklas Blog • Niklas Rast
🥷 Security
Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication • Charlie Gardner, Steven Adair, Tom Lancaster
Microsoft Graph Activity to Basic Logs • Debac Manikandan
Monitor Elevated Access in Microsoft Entra with Sentinel • Charbel Nemnom
How to Set Up an Emergency Access App in Entra ID for Admin Recovery • Sreejith Reghunathan Pillai
♻️ Sync
From the field: You receive error ‘AADSTS9090561 The endpoint only accepts POST requests. Received a GET request’ when signing in • Sander Berkouwer
⚒️ Toolkit
zh54321/GraphPreConsentExplorer - A comprehensive list of usable Entra ID first-party clients with pre-consented Microsoft Graph scopes, in a simple YAML-file explorable with a simple HTML GUI • zh54321
migrate-per-user-mfa-to-ca.ps1 - Script to migrate from Per user MFA to Conditional Access • Nathan McNulty
🎙️ Podcasts
TrustedSec: Security Noise Podcast - Authentication in 2025 • Geoff Walton, Skyler Tuter, Edwin David, Justin Bollinger
Identity at the Center Podcast: Mastering Group Management with Microsoft's David Johnson (51 min) • Jim McDonald, Jeff Steadman, David Johnson
Cloudfirst Podcast: Using managed identities and federated credentials to eliminate secrets • Marius Sandbu
📺 Watch
FIDO Alliance: Stop Counting Factors... Start Describing Authentication Events (32 min) • Pamela Dingle, Dean Saxe
Black Hat: Hook, Line and Sinker: Phishing Windows Hello for Business (25 min) • Yehuda Smirnov
Azure Super Mode with Entra ID User Access Administrator and NEW Logging Ability (18 min) • John Savill
Microsoft Entra ID 5 New Killer Features that you Have to Know! (17 min) • Andy Malone
Entra ID - Must-Do configuration changes (9 min) • Julian Rasmussen MVP
'Edit Users' option in Entra ID (Public Preview) (3 min) • Rio Hindle
Difference between delegated and application permissions in Microsoft Entra ID (16 min) • Lukas Beran
How to Retain Sign in logs in Entra beyond 30 days (20 min) • Nick Ross
🔥 Maester
👨🏽💻 Merill’s corner
🪃 Acknowledgement of Country
Entra.News is created on Wurundjeri land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. I pay my respect to them and their cultures and to elders both past and present.