Bleeping Computer

Microsoft accounts targeted with new MFA-bypassing phishing kit

A new large-scale phishing campaign targeting credentials for Microsoft email services use a custom proxy-based phishing kit to bypass multi-factor authentication. Researchers believe the campaign's ...
Hosted on MSN

Microsoft warns of phishing campaign bypassing MFA protections

Microsoft has detailed a global phishing campaign that targeted over 35,000 users in 26 countries using fake compliance emails and adversary-in-the-middle tactics to steal credentials and bypass multi ...
CSOonline

New phishing campaign tricks employees into bypassing Microsoft 365 MFA

Unwitting employees register a hacker’s device to their account; the crook then uses the resulting OAuth tokens to maintain persistent access. Another device code phishing campaign that abuses OAuth ...
Hosted on MSN

GlobalProtect Faces Zero-Day Exploits and Evolving MFA Requirements

When GlobalProtect fails to prompt for credentials, it often means cached Microsoft account data or app cache files are interfering with the login process. Following a precise sequence to remove these ...