A Russia-aligned threat group uses Microsoft 365 device code phishing to steal credentials and take over accounts, tracked ...
Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code ...
A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...
A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat ...
Rapidly change your password, the Microsoft security team urges as Shai-Hulud Dune Worm cloud attacks continue.
Financially motivated and nation-state threat groups are behind a surge in the use of device code phishing attacks that abuse Microsoft's legitimate OAuth 2.0 device authorization grant flow to trick ...
Microsoft is killing off an obsolete and vulnerable encryption cipher that Windows has supported by default for 26 years ...
America’s cyber defense agency now warns Google, Microsoft and Apple users to secure their accounts — change passwords, ...
BLACK HAT, EUROPE -- (Booth #305) -- Push Security, a leader in browser-based detection and response, today announced the discovery of a new class of phishing attack that enables Microsoft account ...
Overview On December 10, NSFOCUS CERT detected that Microsoft released the December Security Update patch, which fixed 57 security issues involving widely used products such as Windows, Microsoft ...
Microsoft puts the power of AI in the hands of everyday non-technical Joes. It's a nice idea, and a surefire recipe for ...
Microsoft is moving to disable RC4, an encryption cipher embedded in Windows authentication for more than two decades. The decision follows years of documented abuse, repeated warnings from security ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback