TL;DR: Cross-Tenant Synchronisation misconfig in a compromised tenant pushes attacker identities into partner tenants for lateral movement and persistence.

Stub — to be filled in.

What it is

TODO

Preconditions / where it applies

TODO

Technique

TODO

Detection and defence

TODO

References

• https://www.tenable.com/blog/despite-recent-security-hardening-entra-id-synchronization-feature-remains-open-for-abuse