How a business email compromise attack exploited Microsoft’s multi-factor authentication (Security News, August 2022)
To protect the victim's account, the organization had implemented Microsoft MFA through the Microsoft Authenticator app, which should have stopped any use of stolen credentials.
Microsoft MFA doesn't always require a second form of authentication.
The report cited two situations in which Microsoft MFA's decision not to require the second form of authentication can be problematic.
Microsoft doesn't require a second form of authentication when accessing and changing user authentication methods in the Security Info section of the account profile.
Tips for preventing AiTM attacks that exploit MFA

In a statement sent to TechRepublic, a Microsoft spokesperson also offered recommendations on how to stop AiTM attacks that can exploit multi-factor authentication.
Allow Microsoft Authenticator to be installed only through a Mobile Application Management or Mobile Device Management control set through Microsoft Intune.
News URL: https://www.techrepublic.com/article/email-attack-exploits-microsoft-mfa/