CSOonline

Sophisticated BEC scammers bypass Microsoft 365 multi-factor authentication

Business email compromise (BEC) attacks, where hackers hijack finance-related email threads and trick employees into wiring money to the wrong accounts, has led to losses of tens of billions of ...
The Hacker News

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

Starkiller phishing suite uses live reverse proxying to bypass MFA, while attackers abuse OAuth device codes to hijack Microsoft 365 accounts.
ZDNet

Hackers are attempting to steal millions of dollars from businesses by bypassing multi-factor authentication

A phishing and business email compromise (BEC) campaign that attempts to steal millions of dollars from victims is targeting Microsoft 365 accounts with attacks that can bypass multi-factor ...
ZDNet

Hackers are using this sneaky exploit to bypass Microsoft's multi-factor authentication

Cyber criminals are exploiting dormant Microsoft accounts to bypass multi-factor authentication (MFA) and gain access to cloud services and networks, researchers have warned. The technique has been ...
CSOonline

Best practices for deploying multi-factor authentication on Microsoft networks

Microsoft will soon change the mandate to multi-factor authentication (MFA) with changes to Microsoft 365 defaults. As Microsoft points out, “When we look at hacked accounts, more than 99.9% don’t ...
Bleeping Computer

Microsoft confirms auth issues affecting Microsoft 365 users

Microsoft is investigating an ongoing incident that is causing users to experience errors with some Microsoft 365 authentication features. As the company revealed earlier today in an incident alert ...
Bleeping Computer

Microsoft MFA outage blocking access to Microsoft 365 apps

Microsoft is investigating an ongoing Multi-Factor Authentication (MFA) outage that is blocking customers from accessing Microsoft 365 Office apps. Some affected Microsoft 365 users also report that ...