Security News > 2024 > December > Microsoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without Alerts
2024-12-11 14:32
Cybersecurity researchers have flagged a "critical" security vulnerability in Microsoft's multi-factor authentication (MFA) implementation that allows an attacker to trivially sidestep the protection and gain unauthorized access to a victim's account. "The bypass was simple: it took around an hour to execute, required no user interaction and did not generate any notification or provide the
News URL
https://thehackernews.com/2024/12/microsoft-mfa-authquake-flaw-enabled.html