Azure AD. Attack of the Default Config

Uncloaking dangerous and default configurations within Azure. There are several default configurations within the admin portal of Azure. The main affected area is Azure Active Directory (Azure AD) which is the primary area that controls user authentication, group memberships and privileges.

https://www.pentestpartners.com/security-blog/azure-ad-attack-of-the-default-config/