Dark Reading

Microsoft ADFS Vulnerability Lets Attackers Bypass MFA

A newly discovered vulnerability in Microsoft's Active Directory Federation Services (ADFS) lets threat actors bypass multifactor authentication (MFA) as long as they have the username and password ...
Redmond Magazine

Targeting Microsoft ADFS: How Phishing Campaigns Bypass Multi-Factor Authentication to Enable Account Takeover

A sophisticated phishing campaign is targeting organizations that rely on Microsoft’s Active Directory Federation Services (ADFS), using spoofed login pages to harvest credentials and bypass ...
Threat Post

Microsoft Flaw Allows Full Multi-Factor Authentication Bypass

This is similar to taking a room key for a building and turning it into a skeleton key that works on every door in the building. A vulnerability in Microsoft’s Active Directory Federation Services ...
Computer Weekly

Businesses urged to patch Microsoft flaw allowing MFA bypass

A vulnerability in Microsoft’s Active Directory Federation Services (ADFS) could allow attackers to bypass multifactor authentication (MFA) systems, researchers at identity management firm Okta have ...
Information Age

Vulnerability in Microsoft’s MFA could wreak havoc on organisations, says security expert

It’s a bit like “taking a room key for a building and turning it into a skeleton key that works on every door in the building,” explained a blog on the Okta REX website. To exploit the vulnerability, ...