Threat Digest

Diagram showing the ROADtools architecture with modules like roadrecon, roadtx, and roadlib interacting with Entra ID APIs.

ROADtools: Cloud's New Shadow Play Revealed

The whisper about ROADtools has become a roar in the cybersecurity world. What began as a researcher's playground for understanding cloud identity has morphed into a sophisticated weapon in the hands of nation-state actors. It's a classic case of innovation bleeding into exploitation, and it’s fundamentally changing the cloud battleground.

6 min read 1 day, 11 hours ago

Abstract representation of network nodes and data flow with question marks and error symbols indicating a deceptive security event.

Cloud Security

[Warning] 'Ghost Logins' Fool SIEMs, Tax SOC Teams

Forget 'logs don't lie.' A new attack method makes Entra ID 'success' events look legitimate, even if no actual data access occurs. Your SIEM might be shouting 'all clear' while attackers are just messing with the sensors.

8 min read 3 weeks ago

#entra-id

ROADtools: Cloud's New Shadow Play Revealed

[Warning] 'Ghost Logins' Fool SIEMs, Tax SOC Teams