Microsoft's Azure Active Directory Cross-Tenant Synchronization Feature Is Exploitable, Allowing Lateral Spread

In June 2023, Microsoft introduced the Azure Active Directory Cross-Tenant Synchronization (CTS) feature, allowing administrators to synchronize users and groups across multiple tenants for seamless collaboration and lifecycle management.However, if not properly configured, threat actors with elevated privileges could exploit CTS to move laterally to other connected tenants and establish persistence on their networks.This potential attack surface was highlighted by Invictus in their report on detecting abuses of this feature.Read more...