You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
entra conditional access
About this tag
Entra Conditional Access is a Microsoft Entra feature that enforces access policies based on user, device, location, and risk signals. Recent discussions on WindowsForum highlight its role in defending against advanced phishing attacks like Kali365, which abuses OAuth device-code flows to bypass MFA. Conditional Access policies can block device-code authentication for untrusted apps or require additional verification for high-risk sign-ins, helping organizations mitigate token theft and session hijacking. Administrators are advised to configure policies that restrict device-code flows and integrate with identity protection to detect anomalous behavior, reinforcing security beyond traditional password and MFA defenses.
The FBI warned in May 2026 that Kali365, a phishing-as-a-service platform distributed largely through Telegram, is targeting Microsoft 365 accounts by abusing legitimate Microsoft device-code authentication to capture OAuth tokens and bypass ordinary multifactor authentication protections. The...
The FBI warned in May 2026 that Kali365, a phishing-as-a-service platform first seen in April and distributed mainly through Telegram, is being used to hijack Microsoft 365 accounts by abusing Microsoft’s legitimate device-code sign-in flow. The important word there is not “phishing.” It is...
Microsoft 365 users are being targeted by Kali365, a phishing-as-a-service platform first observed in April 2026 and flagged by the FBI in May 2026 for abusing Microsoft’s legitimate device-code sign-in flow to capture OAuth tokens and bypass many familiar MFA defenses. The uncomfortable lesson...
The FBI’s Internet Crime Complaint Center warned in May 2026 that Kali365, a phishing-as-a-service platform first seen in April, is targeting Microsoft 365 users by abusing OAuth device-code authentication to capture access tokens and bypass multifactor authentication without stealing passwords...