Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover
A disabled security setting meant to protect authentication across Android versions of key apps like Word, PowerPoint, and Excel paved the way for attackers to steal logins and data.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A disabled security setting meant to protect authentication across Android versions of key apps like Word, PowerPoint, and Excel paved the way for attackers to steal logins and data.
A group linked to Russian intelligence services redirected victims to fake Cloudflare verification pages and exploited Microsoft's device code authentication flow.
In this type of misconfiguration, cyberattackers could use exposed secrets to authenticate directly via Microsoft’s OAuth 2.0 endpoints and infiltrate Azure cloud environments.
Hackers are exploiting trusted authentication flows — like Microsoft Teams and IoT logins — to trick users into handing over access tokens, bypassing MFA and slipping undetected into corporate networks.
A proof-of-concept (PoC) attack vector exploits two Azure authentication tokens from within a browser, giving threat actors persistent access to key cloud services, including Microsoft 365 applications.
The tech giant will enforce new email authentication protocols for Outlook users who send large volumes of email beginning on May 5.
In a cyber twist, attackers behind two of the campaigns are using the apps to redirect users to phishing and malware distribution sites.
The threat actors are exploiting non-interactive sign-ins, an authentication feature that security teams don't typically monitor.
A sophisticated cyberattack campaign is targeting organizations that still rely on Active Directory Federation Services (ADFS) for authentication across applications and services.
The attack affects organizations that have synced multiple on-premises Active Directory domains to a single Azure tenant.
Invisible authentication mechanisms in Microsoft allow any attacker to escalate from privileged to super-duper privileged in cloud environments, paving the way for complete takeover.
Accenture researcher undercut WHfB's default authentication using open source Evilginx adversary-in-the-middle (AitM) reverse-proxy attack framework.
Adversary-in-the-middle attacks can strip out the passkey option from login pages that users see, leaving targets with only authentication choices that force them to give up credentials.
Microsoft is previewing new AI and machine learning capabilities in Defender XDR that will help detect and block malicious OAuth applications.
The Microsoft Identity Cookbook is a collection of orchestration recipes to help organizations adopt cloud-based identity providers.
Threat actors created and abused OAuth apps to access Microsoft's corporate email environment and remain there for weeks.
The latest update to Windows 11 introduces support for passkeys, which provide phishing-resistant passwordless authentication.
The "nOAuth" attack allows cross-platform spoofing and full account takeovers, and enterprises need to remediate the issue immediately, researchers warn.
One year after Apple, Google and Microsoft pledged to support the FIDO Alliance’s passkeys standard, support is growing, though still early in adoption.
Azure admins are urged to disable shared key access and implement Azure Active Directory authentication.