Microsoft Entra Now Supports Credentials on Jailbroken Devices, Raising Security Concerns

Microsoft has announced that its Entra platform now supports the use of credentials on jailbroken devices, a move that has sparked significant security concerns among cybersecurity experts. Jailbroken devices, which have been modified to remove manufacturer restrictions, are often more vulnerable to attacks due to the lack of built-in security controls. By allowing credentials to be used on such devices, Microsoft risks exposing sensitive user data to potential threats. This change could lead to increased risks of unauthorized access, data breaches, and exploitation by malicious actors. Cybersecurity professionals warn that organizations should carefully evaluate the security implications of enabling credential use on jailbroken devices and consider implementing additional safeguards. The decision highlights the ongoing challenge of balancing user convenience with robust security measures in the evolving landscape of mobile device management and identity verification. As threats continue to evolve, it is crucial for companies to stay vigilant and adapt their security strategies accordingly to protect their digital assets and user information.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 04 Nov 2025 14:00:26 +0000

Cyber News related to Microsoft Entra Now Supports Credentials on Jailbroken Devices, Raising Security Concerns

Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
1 year ago Microsoft.com

How to manage a migration to Microsoft Entra ID - Microsoft Entra ID, formerly Azure Active Directory, is not a direct replacement for on-premises Active Directory due to feature gaps and alternative ways to perform similar identity and access management tasks. For some organizations, a move to ...
1 year ago Techtarget.com

How to secure on-prem apps with Entra Application Proxy - If your internal web applications are still internet-facing, then it's time to move away from turning your firewall into Swiss cheese just to externalize apps for your users. To reduce the attack surface, a traditional method, such as a VPN, has its ...
1 year ago Techtarget.com

New Microsoft Incident Response guides help security teams analyze suspicious activity - Today Microsoft Incident Response are proud to introduce two one-page guides to help security teams investigate suspicious activity in Microsoft 365 and Microsoft Entra. These guides contain the artifacts that Microsoft Incident Response hunts for ...
1 year ago Microsoft.com

Microsoft Entra Now Supports Credentials on Jailbroken Devices, Raising Security Concerns - Microsoft has announced that its Entra platform now supports the use of credentials on jailbroken devices, a move that has sparked significant security concerns among cybersecurity experts. Jailbroken devices, which have been modified to remove ...
1 week ago Cybersecuritynews.com

25 Best Managed Security Service Providers (MSSP) - 2025 - Pros & Cons: ProsConsStrong threat intelligence & expert SOCs.High pricing for SMBs.24/7 monitoring & rapid incident response.Complex UI and steep learning curve.Flexible, scalable, hybrid deployments.Limited visibility into endpoint ...
4 months ago Cybersecuritynews.com

Microsoft Addresses Entra ID Token Logging Issue, Alerts to Protect Users - Microsoft has acknowledged a recent issue that triggered widespread alerts in its Entra ID Protection system, flagging user accounts as high risk due to supposed credential leaks on the dark web. The alerts have been attributed to a combination of an ...
6 months ago Cybersecuritynews.com

Microsoft Breach - How Can I See This In BloodHound? - On January 25, 2024, Microsoft announced Russia's foreign intelligence service breached their corporate EntraID environment. We reviewed the information Microsoft's team provided in their post which contained details significant enough to explain ...
1 year ago Securityboulevard.com

Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
1 year ago Microsoft.com

Rooted (Jailbroken) Mobile Devices 3.5 Times More Vulnerable to Cyber Attacks - While manufacturers have introduced more customization options and tighter security protocols to reduce these practices, rooted and jailbroken devices continue to pose serious security threats especially in enterprise environments. Security experts ...
7 months ago Cybersecuritynews.com

5 ways to secure identity and access for 2024 - 1 This increase is due in part to the rise of generative AI and large language models, which bring new opportunities and challenges for security professionals while affecting what we must do to secure access effectively. Learn how unified multicloud ...
1 year ago Microsoft.com

Microsoft named as a Leader in three IDC MarketScapes for Modern Endpoint Security 2024 - With these security concerns top of mind, there is no surprise that in the last five years, the Modern Endpoint Security market has nearly tripled in size to defend against emerging, sophisticated, and persistent threats. Microsoft Defender for ...
1 year ago Techcommunity.microsoft.com

Iranian Hackers Developed a New Backdoor to Hack Windows - Peach Sandstorm, an Iranian Hackers group, targets diverse sectors globally, and this group is linked to:-. Using password spray campaigns, Peach Sandstorm exhibits opportunistic behavior, with a history of relying on this tactic. This custom ...
1 year ago Cybersecuritynews.com

"Microsoft’s Secure Future Initiative" Biggest cybersecurity Project in Its History - Led by Charlie Bell, Executive Vice President of Microsoft Security, the initiative has mobilized the equivalent of 34,000 engineers working full-time for 11 months to bolster security for Microsoft, its customers, and the broader industry. Following ...
6 months ago Cybersecuritynews.com

Microsoft fixes Entra ID authentication issue caused by DNS change - "Between 17:18 UTC and 18:35 UTC on 25 February 2025, customers attempting to authenticate with Microsoft Entra ID using the Seamless SSO and Microsoft Entra Connect Sync features may have experienced DNS resolution failures when trying to access ...
8 months ago Bleepingcomputer.com

Microsoft Details on How Security Copilot in Intune and Entra Helps Security and IT Teams - Cyber Security News - This new functionality allows IT administrators to interact with endpoint management data through natural language queries, fundamentally changing how teams extract insights and take action across multiple domains including devices, applications, ...
3 months ago Cybersecuritynews.com

20 Best Endpoint Management Tools - 2025 - What is Good?What Could Be Better?Comprehensive endpoint security against many threats.The user interface may overwhelm some users.Machine learning for real-time threat detection.Integration with existing systems may be complex.A central management ...
7 months ago Cybersecuritynews.com

Widespread Microsoft Entra lockouts tied to new security feature rollout - In a Reddit thread posted early this morning, Windows admins reported receiving multiple alerts from Entra indicating that some of their user accounts had been found with credentials leaked on the dark web or other locations. Windows administrators ...
6 months ago Bleepingcomputer.com

Microsoft Boosts MSA Signing Service Security on Azure Following Storm-0558 Breach - “We have applied new defense-in-depth protections, migrated the Microsoft Account (MSA) signing service to run on Azure confidential VMs, and we are migrating the Entra ID signing service to Azure confidential VMs,” states the report, ...
6 months ago Cybersecuritynews.com

How Strata Identity and Microsoft Entra ID solve identity challenges in mergers and acquisitions - In particular, there is an immediate and profound impact on the identity and access management postures of both companies. While most combined organizations aspire to eventually consolidate their identity systems, this is a challenging and ...
1 year ago Microsoft.com

IoT Security: Safeguarding Business IoT Devices - The security of IoT devices is of utmost importance as businesses increasingly rely on them to streamline operations and enhance productivity. In this discussion, we will explore the importance of IoT security in safeguarding business IoT devices and ...
1 year ago Securityzap.com

Microsoft will roll out MFA-enforcing policies for admin portal access - Microsoft will soon start rolling out Conditional Access policies requiring multifactor authentication from administrators when signing into Microsoft admin portals such as Microsoft Entra, Microsoft 365, Exchange, and Azure. The company will also ...
1 year ago Bleepingcomputer.com

Microsoft Entra ID DNS Resolution Failures Results in Authentication Issues - Organizations should configure Azure Service Health alerts for real-time incident updates and review filtering rules in Entra Connect Sync to minimize blast radius during future outages. This domain facilitates the silent Kerberos ticket exchange ...
8 months ago Cybersecuritynews.com

Microsoft: Hackers steal emails in device code phishing attacks - "The invitations lure the user into completing a device code authentication request emulating the experience of the messaging service, which provides Storm-2372 initial access to victim accounts and enables Graph API data collection activities, such ...
8 months ago Bleepingcomputer.com

CVE-2025-59044 - Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Himmelblau 0.9.x derives numeric GIDs for Entra ID groups from the group display name when himmelblau.conf `id_attr_map = name` (the default configuration). Because ...
2 months ago