ZDNet

Microsoft Authenticator gains feature to thwart spam attacks on MFA

Microsoft has rolled out 'number matching' in push notifications for its multi-factor authentication (MFA) app Microsoft Authenticator. The new advanced feature is generally available in Microsoft ...
TechBooky

Critical Vulnerability In Microsoft Authenticator Exposes Users To Token Theft

An important and serious security flaw in Microsoft's Authenticator has now been discovered to allow hackers to steal sign-in ...
Bleeping Computer

Microsoft Authenticator now warns to export passwords before July cutoff

The Microsoft Authenticator app is now issuing notifications warning that the password autofill feature is being deprecated in July, suggesting users move to Microsoft Edge instead. Microsoft ...

Microsoft is eliminating SMS codes for two-factor authentication

Users will soon need to set up an alternative, like a passkey.

Microsoft to end SMS two-factor authentication for personal accounts

Microsoft is pulling the plug on SMS-based two-factor authentication because it has become a leading source of fraud, replacing it with passkeys and verified email.

Microsoft Self-Service Password Reset abused in Azure data theft attacks

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate ...
Dark Reading

Microsoft Will Require MFA for Azure Services

Starting in October, all Microsoft Azure customers will be required to have multifactor authentication (MFA) enabled on their accounts, Microsoft said. From Microsoft ...
Windows Report

Microsoft Warns Storm-2949 Is Stealing Data From Microsoft 365 And Azure

Microsoft says Storm-2949 targets Microsoft 365 and Azure environments using MFA abuse, password resets, and cloud data theft ...