Bleeping Computer

New downgrade attack can bypass FIDO auth in Microsoft Entra ID

Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and ...
CSOonline

Stopping the two-factor threat: configuring Microsoft Entra ID to prevent authentication breaches

Bad actors that have breached a system can adding fake devices to bypass multifactor authentication – here’s how to stop them Multifactor authentication (MFA) can be a mighty bulwark against ...
Bleeping Computer

Microsoft to start enforcing Azure multi-factor authentication in July

Starting in July, Microsoft will begin gradually enforcing multi-factor authentication (MFA) for all users signing into Azure to administer resources. After first completing the rollout for the Azure ...
Dark Reading

Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDs

Researchers have found a way to manipulate the credential validation process in Microsoft Entra ID identity environments that they say attackers can use to bypass authentication in hybrid identity ...