Bleeping Computer

Microsoft 365 MFA outage locks users out of their accounts

Microsoft is investigating an ongoing Multi-Factor Authentication (MFA) issue preventing some customers from logging into their Microsoft 365 accounts. "We're investigating an issue with Multi-Factor ...
CRN

Microsoft Details Phased Mandatory MFA Rollout For Azure Users

'Nothing is safe anymore. The more layers of protection we can have, the better I sleep,’ Randy Jorgensen, managing member of South Jordan, Utah-based RJNetworks, tells CRN. Microsoft will take a ...
ZDNet

Microsoft's multi-factor authentication service goes down for second week in a row

Just over a week after a global problem with its multi-factor authentication (MFA) service plagued a number of users, another Microsoft MFA outage is impacting a number of customers. Many, but not all ...
ZDNet

Microsoft: MFA bypass attacks are so rare we don't have good statistics on them

Attacks on Microsoft user accounts that are capable of bypassing multi-factor authentication (MFA) protections are so rare that the Redmond-based company doesn't even have stats for them. "Compared to ...
CU Boulder News & Events

Get ready for Microsoft multi-factor authentication (MFA) - coming Oct. 7

Starting Oct. 7, CU Boulder will begin using Microsoft’s multi-factor authentication (MFA) system to better protect your account. It works a lot like Duo, which you already use to log in to the ...
Geeky Gadgets

Microsoft’s Big Security Shift : Is Your MFA Setup at Risk?

What if the very tools you rely on to secure your organization’s data are quietly becoming obsolete? That’s the reality facing businesses as Microsoft prepares to retire its legacy Multi-Factor ...
Dark Reading

Microsoft Will Require MFA for Azure Services

Starting in October, all Microsoft Azure customers will be required to have multifactor authentication (MFA) enabled on their accounts, Microsoft said. From Microsoft ...
Infosecurity-magazine.com

Microsoft Details How Phishing Campaign Bypassed MFA

A large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites stole passwords, hijacked sign-in sessions and skipped the authentication process even if MFA was enabled, ...

New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...
Purdue University

Converting an existing Thunderbird setup for Microsoft MFA

This guide is specifically for current Purdue users of Thunderbird who are migrating the accounts already set up in Mozilla Thunderbird. This guide also assumes your copy of Thunderbird is at least ...
Ars Technica

Microsoft Authenticator App MFA - Any idea what would cause two users to get prompted for MFA in Teams at 4am?

I've had two users that came back to their phones finding they had missed MFA prompts at 4am (not on the same day). Digging into the logs (PC and Azure) I see nothing unusual, just that in both cases ...
SiliconANGLE

Microsoft WebView2 phishing technique can bypass MFA and steal login cookies

A cybersecurity researcher has developed a new phishing technique that can bypass multifactor authentication and steal login cookies through Microsoft Corp.’s Edge WebView2. WebView2 is a runtime, or ...