Dark Reading

Microsoft Will Require MFA for Azure Services

Starting in October, all Microsoft Azure customers will be required to have multifactor authentication (MFA) enabled on their accounts, Microsoft said. From Microsoft ...
CSO Online

EvilTokens abuses Microsoft device code flow for account takeovers

The phishing-as-a-service toolkit leverages legitimate authentication to capture tokens and access Microsoft 365 services.