Computer Weekly

Users warned over Azure Active Directory authentication flaw

Researchers at Secureworks’ Counter Threat Unit (CTU) have warned of a new and potentially serious vulnerability affecting the pass-through authentication (PTA) hybrid identity authentication method ...
Dark Reading

Azure AD 'Log in With Microsoft' Authentication Bypass Affects Thousands

Organizations that have implemented the "Log in with Microsoft" feature in their Microsoft Azure Active Directory environments could potentially be vulnerable to an authentication bypass that opens ...
VentureBeat

Microsoft fights phishing with passwordless authentication for Azure AD on iOS and Android

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More The FIDO alliance-driven crackdown on passwords and phishing scams has ...
Bleeping Computer

Microsoft fixes Azure AD auth flaw enabling account takeover

Microsoft has addressed an Azure Active Directory (Azure AD) authentication flaw that could allow threat actors to escalate privileges and potentially fully take over the target's account. This ...
Infosecurity-magazine.com

Azure AD Credentials Exposed in Public App Settings File

A cybersecurity assessment has uncovered a serious vulnerability involving Azure Active Directory (Azure AD). Resecurity’s HUNTER Team discovered that application credentials, specifically the ...
Dark Reading

JSON Config File Leaks Azure ActiveDirectory Credentials

A publicly accessible configuration file for ASP.NET Core applications has been leaking credentials for Azure ActiveDirectory (AD), potentially allowing cyberattackers to authenticate directly via ...