A trio of problems caused by a software update in some of Microsoft's data centers led to a service outage for customers of the Azure Active Directory MFA service last week.
The flaw in Microsoft's Active Directory Federation Services lets an attacker use the same second factor to bypass multi-factor authentication for any account running on the same service. Microsoft has patched the flaw.
Pawn Storm (aka Fancy Bear) has been attempting to phish webmail accounts for many years now, targeting U.S. senators and political organizations across the world, according to a recent Trend Micro report.
There’s a new sneaky brute-force attack targeting unprotected enterprise Office 365 accounts, including those in the manufacturing, financial services, healthcare industries.
NIST releases a new version of their Security and Privacy Controls, addressing new risks posed by the latest technology - the Internet of Things, plus guidance on combining single sign-on and multi-factor authentication.