# Risky Business #808: Insane Megabug in Entra Exposed All Tenants

The recent exposé of a massive megabug in Entra has left all tenants exposed to potential security risks. The bug, which has been described as "insane" by cybersecurity experts, was discovered after a thorough investigation by Sublime Security U.S.

The megabug is believed to have been introduced via Actor tokens, which are used to manage access control in Entra. According to dirkjanm.io, the attacker was able to obtain Global Admin privileges in every Entra ID tenant using these tokens. This means that even the most secure environments were vulnerable to unauthorized access.

The incident has sparked concerns about the security of Entra and the potential consequences for its users. As a result, it is essential for tenants to take immediate action to rectify the situation and protect their data.

In other cybersecurity news, the U.S. Secret Service disrupted a telecom network that was under attack during the recent U.N. General Assembly in New York City. The disruption prevented potential further damage and ensured public safety.

Meanwhile, MI6 has launched a darkweb portal to recruit foreign spies and gather intelligence on potential security threats.

A cyberattack targeting a third-party vendor has resulted in flight delays across Europe. The attack occurred at a major European airport, which is now working to restore its check-in systems.

The incident highlights the ongoing threat of cyberattacks in the aviation industry and the importance of robust cybersecurity measures to protect against such threats.

In related news, Major European airports are working to restore services after a cyberattack on their check-in systems. The attacks have caused significant disruptions to air travel and highlighted the need for enhanced cybersecurity measures.

Las Vegas police have arrested two more individuals suspected of being members of the Scattered Spider hacking group, which has been linked to high-profile breaches and ransomware attacks.

The U.S. Department of Justice has announced that the Scattered Spider group took $115 million in ransoms and breached a US court system.

The group's activities have raised concerns about the growing threat of cyberattacks and the need for robust cybersecurity measures to protect against such threats.

A recent cyberattack on the UK's transportation system, known as the Scattered Spider attack, has had significant consequences for commuters. The group was responsible for breaching the London transit system.

Alleged members of the Scattered Spider hacking group have been arrested by authorities, highlighting the ongoing efforts to combat cybercrime.

In another incident, a minor was accused of participating in high-profile casino attacks last year. Las Vegas police arrested the suspect and charged them with multiple counts of computer hacking.

The arrest highlights the growing threat of cyberattacks on casinos and other vulnerable targets.

A recent report by Google shows that ransomware attacks were prevalent in November 2023, with many cases resulting in significant financial losses.

Experts warn that AI-powered vulnerability detection may make things worse, not better, due to potential false positives or misclassifications.

In conclusion, the recent megabug in Entra and other cybersecurity incidents highlight the ongoing threat of cyberattacks. It is essential for organizations and individuals to take proactive measures to protect themselves against such threats.

By staying informed about the latest cybersecurity news and taking steps to enhance their security posture, individuals can reduce their risk of falling victim to a cyberattack.

As the threat landscape continues to evolve, it is crucial for organizations and governments to work together to develop effective strategies to combat cybercrime.