Microsoft Confirms New And Widespread 2FA Code Attacks Ongoing

The Microsoft Defender Security Research Team has confirmed that a pervasive new authentication code attack is compromising hundreds of organizations daily.
CSOonline

EvilTokens abuses Microsoft device code flow for account takeovers

A new phishing-as-a-service (PhaaS) campaign is abusing Microsoft’s device code authentication flow to gain unauthorized access to user accounts. Sekoia researchers first spotted the toolkit ...

Hundreds of orgs compromised daily in Microsoft device code phishing attacks

Hundreds of organizations have been compromised daily by a Microsoft device-code phishing campaign that uses AI and automation at nearly every stage of the attack chain to ultimately snoop through ...
THE Journal

AI-Driven Campaign Compromises Accounts More Effectively than Traditional Phishing Attacks

Microsoft recently uncovered a large-scale, sophisticated AI-driven phishing campaign that uses automation and legitimate authentication processes to compromise accounts more effectively than ...
Hosted on MSN

The growing threat of device code phishing and how to defend against It

Just as we think we’re getting one step ahead of cybercriminals, they find a new way to evade our defenses. The latest method causing trouble for security teams is that of device code phishing, a ...
Infosecurity-magazine.com

Russian Hackers Target Microsoft 365 Accounts with Device Code Phishing

Multiple Russian nation-state actors are targeting sensitive Microsoft 365 accounts via device code authentication phishing, a new analysis by Volexity has revealed. The firm first observed this ...
Computer Weekly

Two-factor authentication is broken: What comes next?

It has long been known that passwords are one of the weakest methods for authenticating users. One of the first examples of a password being compromised can be traced back to 413 BCE, when the Greek ...