MFA

New SessionShark Phishing Kit Steals Session Tokens to Bypass Office 365 MFA

2 minute read

New SessionShark Phishing Kit Bypasses MFA to Steal Office 365 Logins

SessionShark phishing kit bypasses Office 365 MFA by stealing session tokens. Experts warn of real-time attacks via fake…

byDeeba Ahmed

April 24, 2025

2 minute read

Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing

Russian APT group Storm-2372 employs device code phishing to bypass Multi-Factor Authentication (MFA). Targets include government, technology, finance,…

byDeeba Ahmed

April 11, 2025

3 minute read

Hackers Using Fake Microsoft ADFS Login Pages to Steal Credentials

A global phishing campaign is actively exploiting a legacy Microsoft authentication system to steal user credentials and bypass multi-factor authentication (MFA), targeting over 150 organizations.

byDeeba Ahmed

February 5, 2025

3 minute read

AuthQuake Flaw Allowed MFA Bypass Across Azure, Office 365 Accounts

SUMMARY Cybersecurity researchers at Oasis Security have identified a vulnerability in Microsoft’s Multi-Factor Authentication (MFA), known as AuthQuake,…

byWaqas

December 11, 2024

3 minute read

Iranian Hackers Target Microsoft 365, Citrix Systems with MFA Push Bombing

Iranian hackers are targeting critical infrastructure organizations with brute force tactics. This article explores their techniques, including MFA…

byDeeba Ahmed

October 18, 2024

3 minute read

Cybersecurity Tips For Businesses Using Remote Workers

Remote work offers benefits like reduced costs and wider recruitment but also increases cybersecurity risks. To protect your…

byUzair Amir

September 2, 2024

Findings Show MFA Bypass in Microsoft Azure Entra ID Using Seamless SSO

2 minute read

Security

Findings Show MFA Bypass in Microsoft Azure Entra ID Using Seamless SSO

Concerned about a potential MFA bypass in Microsoft Azure Entra ID? This article explores the research, explains the vulnerability in context, and offers actionable steps to secure your organization.

byWaqas

May 8, 2024

Implementing the Least Privilege Principle to Safeguard Your Assets

3 minute read

Security

Implementing the Least Privilege Principle to Safeguard Your Assets

The least privilege principle is a crucial concept in cybersecurity that involves granting users the minimum level of…

byOwais Sultan

September 13, 2023

5 minute read

Elevating Data Security: Key Considerations When Transferring Your Digital Workspace

Data security is vital for protecting sensitive information and maintaining trust.

byOwais Sultan

August 25, 2023

3 minute read

Warning as hackers breach MFA to target cloud services

According to CISA, it has verified one of the users had their account breached even though they were using "proper multi-factor authentication (MFA)."

byDeeba Ahmed

January 14, 2021

The Latest

HubSpot vs Salesforce: Which CRM Fits Your Business?

Pwn2Own Berlin 2025: Windows 11, VMware, Firefox and Others Hacked

Ivanti EPMM Hit by Two Actively Exploited 0day Vulnerabilities

Pro-Ukraine Group Targets Russian Developers with Python Backdoor

MFA

New SessionShark Phishing Kit Bypasses MFA to Steal Office 365 Logins

Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing

Hackers Using Fake Microsoft ADFS Login Pages to Steal Credentials

AuthQuake Flaw Allowed MFA Bypass Across Azure, Office 365 Accounts

Iranian Hackers Target Microsoft 365, Citrix Systems with MFA Push Bombing

Cybersecurity Tips For Businesses Using Remote Workers

Implementing the Least Privilege Principle to Safeguard Your Assets

Elevating Data Security: Key Considerations When Transferring Your Digital Workspace

INE Security Alert: Continuous CVE Practice Closes Critical Gap Between Vulnerability Alerts and Effective Defense

SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks

Link11 brings three brands together on one platform with new branding

SecAI Debuts at RSA 2025, Redefining Threat Investigation with AI

Court Dismisses Criminal Charges Against VPN Executive, Affirms No-Log Policy