Threat actors tied to the ShinyHunters ecosystem have increasingly leaned on vishing (voice phishing) to defeat modern authentication controls and gain access to business-critical SaaS platforms.

Forbes contributors publish independent expert analyses and insights. Alex Vakulov is a cybersecurity expert focused on consumer security. Sep 05, 2024, 06:52am EDT Sep 06, 2024, 11:36am EDT ...

A global phishing campaign targeting Microsoft 365 bypasses security codes using a legitimate login feature, impacting ...

TokenCore and The End of MFA As We Know It If you are a CISO still feeling smug about that big MFA rollout from the last two ...

Researchers cracked a Microsoft Azure method for multifactor authentication (MFA) in about an hour, due to a critical vulnerability that allowed them unauthorized access to a user's account, including ...

Most organizations and online platforms use multifactor authentication (MFA) (also called two-factor authentication) to confirm that the user is an authorized individual and not a scammer or fraudster ...

The issue could allow threat actors to brute force MFA authentication codes for Outlook, Teams, and Azure access with 50% accuracy. Microsoft may have silently fixed a problem with its MFA ...

Compare the best multi-factor authentication software in 2026. See which MFA tools offer adaptive security, easy setup, and real customer identity protection.

Phishing takes advantage of the weakest link in any organization’s cybersecurity system — human behavior. Phishing attacks are generally launched via email, although some opening salvos have begun ...

The Microsoft Defender Security Research Team has confirmed that a pervasive new authentication code attack is compromising ...