mfa bypass

Enterprise-targeted phishing has migrated from dodgy domains and cheap VPSes to the same cloud platforms that companies trust to run their businesses—Microsoft Azure, Google Firebase, AWS and Cloudflare—and that shift is changing how SOCs detect, investigate, and stop credential theft and MFA...

Rockwell Automation has published fixes for two high‑impact vulnerabilities in FactoryTalk DataMosaix Private Cloud — an MFA bypass that can produce a valid login token without a password (CVE‑2025‑11084) and a persistent cross‑site scripting flaw that can enable account takeover or credential...

SonicWall VPN users face an immediate, high‑risk reality: the Akira ransomware group is actively compromising SSL VPN accounts — and in multiple confirmed incidents attackers have authenticated into accounts protected by SonicWall’s built‑in one‑time‑password (OTP) MFA. Overview In late July...

A new, industrialized phishing service called VoidProxy is being used by multiple criminal groups to intercept Google and Microsoft sign-ins in real time, harvest credentials, MFA responses and — critically — session cookies that let attackers impersonate users without needing passwords or...

This week’s wave of security headlines delivered a clear, uncomfortable message for Windows admins and security teams: the internet’s trust fabric is fraying in ways that let attackers hide inside legitimate flows — and Microsoft’s own infrastructure, link‑wrapping services, and even patch...

Identity research published in July surfaces two sobering truths for Windows shops: attackers can now bypass dMSA authentication in Windows Server 2025 to mass‑generate service account passwords for lateral movement, and misgoverned first‑party apps in Microsoft Entra ID can be abused to...

Threat actors in 2025 have harnessed a new caliber of cyberattack, subverting enterprise identity and trust by weaponizing Microsoft OAuth applications to bypass even the most robust multi-factor authentication (MFA) defenses. This emerging campaign, tracked by Proofpoint and other leading...

Sophisticated cyber adversaries have shifted tactics in recent months, exploiting fake Microsoft OAuth applications in tandem with advanced phishing toolkits such as Tycoon and ODx to compromise Microsoft 365 accounts worldwide. These attacks, tracked by researchers and security vendors...

In a rapidly evolving threat landscape marked by sophisticated digital deception, the Scattered Spider hacking group has carved out a notorious reputation for exploiting trust—both technological and human—to compromise some of the world’s most widely used platforms. Recent advisories from...

Security researchers have recently identified a critical vulnerability within Microsoft Entra ID, formerly known as Azure Active Directory, that enables attackers to escalate their privileges to Global Administrator status. This flaw poses a significant threat to organizations relying on...

In the first week of June, the cybersecurity landscape took another sobering turn when The Washington Post fell victim to a targeted email account compromise. Multiple Microsoft 365 work email accounts belonging to journalists were breached, prompting urgent password resets and a rapid...

As cyber threats targeting Microsoft 365 continue to evolve, organizations must remain vigilant to protect their critical data and maintain operational integrity. Recent analyses have identified several pressing security challenges that demand immediate attention. 1. Privilege Escalation...

In the rapidly evolving digital landscape, Microsoft 365 has become a cornerstone for organizational productivity, offering a suite of tools that facilitate communication, collaboration, and data management. However, its widespread adoption has also made it a prime target for cyber threats...

As cyber threats targeting Microsoft 365 continue to evolve, organizations must remain vigilant to protect their critical productivity tools. Recent analyses have identified several prominent security challenges that demand immediate attention. 1. Phishing Attacks Phishing remains a primary...

As cyber threats targeting Microsoft 365 continue to evolve, organizations must remain vigilant to protect their critical productivity tools. Recent analyses have identified several pressing security challenges that demand immediate attention. 1. Privilege Escalation Attackers often exploit...

The emergence of Void Blizzard—a newly identified, Russian-affiliated threat actor—has sent ripples of concern through cybersecurity communities, government agencies, and critical infrastructure operators worldwide. According to detailed findings published by Microsoft Threat Intelligence, Void...

A new wave of cyberattacks has emerged, sending ripples across the digital landscape, and it is targeting one of the world’s most widely adopted productivity ecosystems—Microsoft 365. At the center of this ongoing threat is a campaign linked to Tycoon2FA, a notorious Phishing-as-a-Service...

Phishing attacks have long been the scourge of enterprise security, but recent developments reveal a disturbing evolution in cybercriminal tactics targeting Microsoft platforms. A newly uncovered phishing campaign harnesses the trusted veneer of Microsoft Dynamics 365 Customer Voice, weaponizing...

The growing adoption of generative AI in the workplace has ushered in sweeping changes across industries, delivering newfound efficiencies and innovative capabilities. Yet, with each leap toward automation and intelligence, a parallel, shadowy world of cyber threats surges ahead. A recent...

A new development in the realm of cloud security threats has emerged, offering threat actors a novel way to obtain Microsoft Entra (formerly Azure Active Directory) refresh tokens from compromised endpoints, potentially bypassing even robust multi-factor authentication (MFA) mechanisms. This...