CSOonline

How Azure Active Directory opens new authentication risks

Hybrid cloud identity and access management services add complexity and opportunity for attackers to network authentication processes, as recently demonstrated for Azure AD. It’s been common knowledge ...
Dark Reading

Azure AD 'Log in With Microsoft' Authentication Bypass Affects Thousands

Organizations that have implemented the "Log in with Microsoft" feature in their Microsoft Azure Active Directory environments could potentially be vulnerable to an authentication bypass that opens ...
Computer Weekly

Users warned over Azure Active Directory authentication flaw

Researchers at Secureworks’ Counter Threat Unit (CTU) have warned of a new and potentially serious vulnerability affecting the pass-through authentication (PTA) hybrid identity authentication method ...
Ars Technica

New Azure Active Directory password brute-forcing flaw has no fix

Imagine having unlimited attempts to guess someone’s username and password without getting caught. That would make an ideal scenario for a stealthy threat actor—leaving server admins with little to no ...
Bleeping Computer

Microsoft fixes Azure AD auth flaw enabling account takeover

Microsoft has addressed an Azure Active Directory (Azure AD) authentication flaw that could allow threat actors to escalate privileges and potentially fully take over the target's account. This ...