Dark Reading

'SessionShark' ToolKit Evades Microsoft Office 365 MFA

Threat actors are showcasing a service called "SessionShark 0365 2FA/MFA," which is a phishing-as-a-service (PhaaS) toolkit intended for fellow hackers. The creators of the toolkit are attempting to ...

New phishing campaign tricks employees into bypassing Microsoft 365 MFA

Unwitting employees register a hacker’s device to their account; the crook then uses the resulting OAuth tokens to maintain persistent access.
Dark Reading

Microsoft Will Require MFA for Azure Services

Starting in October, all Microsoft Azure customers will be required to have multifactor authentication (MFA) enabled on their accounts, Microsoft said. From Microsoft ...