Wired

A Sinister Way to Beat Multifactor Authentication Is on the Rise

This story originally appeared on Ars Technica, a trusted source for technology news, tech policy analysis, reviews, and more. Ars is owned by WIRED's parent company, Condé Nast. The strongest forms ...
Ars Technica

Microsoft Authenticator App MFA - Any idea what would cause two users to get prompted for MFA in Teams at 4am?

I've had two users that came back to their phones finding they had missed MFA prompts at 4am (not on the same day). Digging into the logs (PC and Azure) I see nothing unusual, just that in both cases ...
Virtualization Review

Why Your MFA Isn't Good Enough

Our practicing cybersecurity expert in Australia looks at the different types of MFA and how you can use them in a Microsoft context, dives deep into "in the middle" schemes and relates a successful ...
Dark Reading

Microsoft Authenticator to Enforce Number Matching

Multifactor authentication (MFA) is an essential element of identity and access management, but it is not fail-proof, especially as attackers increasingly employ social-engineering tactics to bypass ...
Ars Technica

Lapsus$ and Solar Winds hackers both use the same old trick to bypass MFA

Accepting an MFA request that you didn't request seems incredibly dumb. I guess a 'hacker' could just call in the middle of the night and ask, "What's your password?" and after three or four calls ...
Cyber Defense Magazine

How Real-Time Phishing Relay Attacks Work—And How To Stop Them Cold Today

Real-time phishing relay attacks are now the most dangerous and effective weapon in the modern cybercriminal’s arsenal. They ...