Engadget

Microsoft Teams has been storing authentication tokens in plaintext

Microsoft Teams stores authentication tokens in unencrypted plaintext mode, allowing attackers to potentially control communications within an organization, according to the security firm Vectra. The ...
Dark Reading

Token-Mining Weakness in Microsoft Teams Makes for Perfect Phish

Attackers who gain initial access to a victim's network now have another method of expanding their reach: using access tokens from other Microsoft Teams users to impersonate those employees and ...
Dark Reading

Microsoft Warns of Rise in Stolen Cloud Tokens Used to Bypass MFA

Threat actors are stealing authentication tokens already verified by multifactor authentication (MFA) to breach organizations' systems. A new alert from Microsoft Detection and Response Team (DART), ...
InfoQ

Microsoft Authentication Library 4.54.0 Supports Managed Identities

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Vivek Yadav, an engineering manager from ...
Redmond Magazine

Microsoft Previews Hardware OATH Tokens with Azure Multifactor Authentication

Microsoft on Tuesday announced a preview of the ability to use hardware OATH tokens with the Azure multifactor authentication service. Hardware OATH tokens use physical objects, such as dongles and ...
ZDNet

Microsoft: MFA bypass attacks are so rare we don't have good statistics on them

Attacks on Microsoft user accounts that are capable of bypassing multi-factor authentication (MFA) protections are so rare that the Redmond-based company doesn't even have stats for them. "Compared to ...