Dirk-Jan Mollema Walks Us Through the Entra ID Cross-Tenant Vulnerability Discovery

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/87/8c/ba/878cbab0-4fb7-aa03-1b8c-84b72fbd588a/mza_4491962740700471601.jpg/600x600bb.jpg

Talkin' Bout [Infosec] News

Black Hills Information Security

325 episodes

20 hours ago

A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team. Join us live on YouTube, Monday's at 4:30PM ET https://www.youtube.com/@BlackHillsInformationSecurity Brought to you by Black Hills Information Security. https://www.blackhillsinfosec.com

All content for Talkin' Bout [Infosec] News is the property of Black Hills Information Security and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Tech News

Technology,

News

https://img.transistorcdn.com/9ZsJnw9W1TmBkAX_Z8soshDitXyT5-KkPa7X3-FVsuE/rs:fill:0:0:1/w:1400/h:1400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS9kYTYx/MmEzMjEyNjE3Njky/YjYwMGVlMWEwNGJm/Zjk5ZC5qcGc.jpg

Dirk-Jan Mollema Walks Us Through the Entra ID Cross-Tenant Vulnerability Discovery– 2025-09-22

Talkin' Bout [Infosec] News

1 hour

2 months ago

Dirk-Jan Mollema Walks Us Through the Entra ID Cross-Tenant Vulnerability Discovery– 2025-09-22

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — Unnatural European Fridges03:34 - The Entra ID Cross-Tenant Vulnerability Discovery – BHIS - Talkin’ Bout [infosec] News 2025-09-2204:14 - Story # 1: One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens21:32 - Story # 2: Shai-Hulud: Self-Replicating Worm Compromises 500+ NPM Packages40:50 - OSSPREY – NPM Package @Ctrl/Tinycolor Compromised: Shai Hulud Malware Targets Secrets and Persistence51:41 - Story # 3: Verified Steam game steals streamer’s cancer treatment donations57:16 - Story # 4: Heathrow warns of second day of disruption after cyber-attack