Last year, Microsoft introduced the public preview of a system-preferred multifactor authentication (MFA) for Azure Active Directory (Azure AD). The company announced yesterday that the feature is now generally available for all commercial customers. What is system-preferred MFA authentication? With system-preferred authentication enabled, Azure AD evaluates all authentication methods registered for a user account, and...
Microsoft has warned customers about Adversary-in-the-Middle (AiTM) phishing kit available for sale on a popular cybercrime forum. The software is designed to make it easier for attackers to deploy phishing campaigns to target enterprise accounts. According to the Microsoft Threat Intelligence team, this phishing kit is an open-source tool that is developed by a hacking…
Microsoft has started rolling out a new system-preferred authentication policy in preview for Azure AD customers. The feature enables the system to evaluate which authentication method should be used when a user signs in to Azure AD. With system-preferred authentication, Azure AD will check all authentication methods registered for an account and only show the…
Last week, Uber confirmed a major cybersecurity attack that compromised its internal communications and engineering systems. The company believes that someone affiliated with the hacking group Lapsus$ leveraged the MFA fatigue attack technique to compromise an Uber employee account. According to the New York Times, the hackers social engineered the company’s worker after discovering his…
Microsoft has released an update that blocks the use of unmanaged Azure AD accounts in organizations. The company has provided a set of tools to help IT admins find existing unmanaged accounts and reset their redemption status. In 2016, Microsoft introduced a self-service sign-up feature that allowed external users to sign up as guest members…
Cybersecurity company Mandiant has discovered that hackers are using a new technique to target enterprise networks. The researchers warned that threat actors exploit multifactor authentication (MFA) to gain unauthorized access to dormant Microsoft accounts. According to cybersecurity researchers at Mandiant, the exploit is being used in hacking campaigns by APT29 to bypass authentication. APT29 is…
Microsoft has discovered a new massive AiTM phishing campaign that can steal credentials even if the user account is protected with multi-factor authentication (MFA). The company has warned that the threat actors have targeted over 10,000 organizations since September 2021. According to Microsoft researchers, the AiTM campaign involves inserting a proxy server between a target…
The US Cybersecurity and Infrastructure Security Agency (CISA) and FBI released an alert about a Russian state-backed activity that allowed hackers to bypass multi-factor authentication (MFA) and exploit a security flaw to compromise networks. The security advisory indicates that the cyberattacks targeting a non-governmental organization (NGO) started back in May 2021. The threat actors leveraged…
Last Update: Sep 04, 2024
Microsoft has warned users about a new multi-phase campaign targeting enterprise customers. The Microsoft 365 Defender Threat Intelligence Team detailed its findings on its Security blog, which indicates that these phishing attacks mainly target organizations that haven’t enabled multi-factor authentication (MFA). As the name suggests, multi-factor authentication (MFA) is an authentication technique that requires two…
Last Update: Sep 04, 2024
SMS and Voice MFA Methods in Microsoft’s Crosshairs On November 10 Alex Weinert, the Director of Identity Security at Microsoft, posted It’s Time to Hang Up on Phone Transports for Authentication. The article argues that it’s time to consider dumping the SMS and voice methods for multi-factor authentication (MFA) in favor of passwordless strong authentication…
Last Update: Sep 04, 2024
Securing Confidential SharePoint Online Data SharePoint Online sites hold some very confidential information. Now that SharePoint Online supports sensitivity labels, you can protect individual documents with encryption to stop their contents leaking. Other features, like regarding newly uploaded documents sensitive by default to stop them being shared externally until Data Loss Prevention (DLP) processing completes,…
Last Update: Sep 04, 2024
Aidan takes a look back at 2018 and discusses some of the highlights from each month. It is interesting to me how I underrated some announcements which later became significant to Microsoft customers or to me.