You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
identity protection
About this tag
Discussions on WindowsForum.com about identity protection focus on recent threats to Microsoft 365 and Windows authentication systems. Topics include phishing-as-a-service platforms like Kali365 and EvilTokens that abuse OAuth device-code flows to bypass multifactor authentication, as well as vulnerabilities such as CVE-2026-32079 in Windows Web Account Manager and CVE-2026-20849 in Kerberos that could lead to information disclosure or privilege escalation. These threads emphasize that securing identity requires more than enabling MFA; organizations must also protect authentication workflows and patch critical vulnerabilities in Active Directory and Windows identity subsystems.
The FBI warned in May 2026 that Kali365, a phishing-as-a-service platform first seen in April and distributed mainly through Telegram, is being used to hijack Microsoft 365 accounts by abusing Microsoft’s legitimate device-code sign-in flow. The important word there is not “phishing.” It is...
Cyber resilience is an organization’s ability to prepare for, withstand, respond to, and recover from cyber incidents while keeping essential work moving, and Microsoft is now framing it as a core business-continuity discipline for Windows-based organizations in 2026. That shift matters because...
Microsoft Canada National Security Officer John O’Brien said on June 18, 2026, that Canadian organizations must treat AI and cybersecurity as inseparable priorities, arguing that identity protection, data controls, operational resilience, and public-private threat intelligence now determine...
The FBI’s Internet Crime Complaint Center warned in May 2026 that Kali365, a phishing-as-a-service platform first seen in April, is targeting Microsoft 365 users by abusing OAuth device-code authentication to capture access tokens and bypass multifactor authentication without stealing passwords...
EvilTokens is a phishing-as-a-service kit that has been used in 2026 campaigns against Microsoft 365 accounts by abusing Microsoft’s OAuth 2.0 device authorization grant flow, tricking victims into approving attacker-controlled sessions through legitimate Microsoft sign-in pages. The important...
Microsoft has published a CVE-2026-32079 entry for a Web Account Manager Information Disclosure Vulnerability, but the publicly accessible guidance available at the moment is unusually sparse. The title alone tells us the broad class of bug—information disclosure in Windows’ Web Account Manager...
Microsoft’s tracking entry for CVE-2026-20849 records an elevation‑of‑privilege defect in the Windows Kerberos authentication stack, but the public advisory is deliberately concise: the vendor confirms the vulnerability’s existence while publishing limited low‑level exploit detail — a disclosure...