Hackers target Microsoft Entra accounts in device code vishing attacks

Threat actors are targeting technology, manufacturing, and financial organizations in campaigns that combine device code phishing and voice phishing (vishing) to abuse the OAuth 2.0 Device ...

Microsoft joins FIDO to search for new password replacing technology

Microsoft has now joined the FIDO Alliance (Fast IDentity Online) which is actively trying to develop a new authentication ecosystem that can be used in place of passwords. There are various methods ...
Forbes

Microsoft Issues Mandatory 2FA Login Deadline Alert

Microsoft's public cloud computing platform, Azure, was recently targeted by a cyberattack that led to a multi-hour outage. While a newly announced mandatory two-factor authentication login ...
Bleeping Computer

New downgrade attack can bypass FIDO auth in Microsoft Entra ID

Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and ...