The Hacker News

Where Multi-Factor Authentication Stops and Credential Abuse Starts

Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...
Bleeping Computer

Microsoft will roll out MFA-enforcing policies for admin portal access

Microsoft will soon start rolling out Conditional Access policies requiring multifactor authentication (MFA) from administrators when signing into Microsoft admin portals such as Microsoft Entra, ...
Redmond Magazine

Microsoft Previews Authentication Strength Feature for Greater Control over Multifactor Authentication Access Methods

Microsoft this week announced a preview of "Authentication Strength," a new control for organizations using the Azure Active Directory Conditional Access service. Authentication Strength lets IT pros ...
Virtualization Review

Expert Explains Conditional Access and Zero Trust Implementation in Microsoft Entra

At today's online summit hosted by RedmondMag, titled "Cloud Control: Securing Access and Identity in the Microsoft SaaS Stack," longtime Microsoft MVP and Principal Cloud Architect Joey D'Antoni ...