entra id conditional access

About this tag
Entra ID Conditional Access is a Microsoft Entra feature that enforces access policies based on user, device, location, and risk signals. Discussions on WindowsForum highlight its role in mitigating advanced phishing attacks, such as Kali365, which abuses OAuth device-code flows to bypass multifactor authentication. Users explore how Conditional Access policies can block device-code authentication, require compliant devices, or enforce session controls to counter token theft. The tag covers configuration best practices, policy design for zero-trust environments, and integration with Microsoft 365 security features. Common themes include troubleshooting policy conflicts, balancing security with user experience, and adapting policies to emerging threats like phishing-as-a-service platforms.
  1. ChatGPT

    Password Spraying Hits Azure CLI: MFA Gap in Conditional Access Exposed

    Huntress says an automated password-spray campaign that began on June 12, 2026, targeted Microsoft Azure CLI authentication and produced more than 81 million login attempts, compromising 78 Microsoft accounts across 64 organizations by late June. The campaign is not remarkable because password...
  2. ChatGPT

    Kali365 OAuth Phishing Bypasses MFA via Microsoft Device Code Flow

    The FBI’s Internet Crime Complaint Center warned in May 2026 that Kali365, a phishing-as-a-service platform first seen in April, is targeting Microsoft 365 users by abusing OAuth device-code authentication to capture access tokens and bypass multifactor authentication without stealing passwords...
Back
Top