Security News

Microsoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without Alerts
2024-12-11 14:32

Cybersecurity researchers have flagged a "critical" security vulnerability in Microsoft's multi-factor authentication (MFA) implementation that allows an attacker to trivially sidestep the...

All Google Cloud users will have to enable MFA by 2025
2024-11-06 14:52

Google has announced that, by the end of 2025, multi-factor authentication (MFA) – aka 2-step verification – will become mandatory for all Google Cloud accounts. “Given the sensitive nature of...

Google Cloud to make MFA mandatory by the end of 2025
2024-11-05 20:07

Google has announced that multi-factor authentication (MFA) will be mandatory on all Cloud accounts by the end of 2025 to enhance security. [...]

Microsoft Entra "security defaults" to make MFA setup mandatory
2024-10-30 19:18

​Microsoft says it will improve security across Entra tenants where security defaults are enabled by making multifactor authentication (MFA) registration mandatory. [...]

Why Phishing-Resistant MFA Is No Longer Optional: The Hidden Risks of Legacy MFA
2024-10-24 11:00

Sometimes, it turns out that the answers we struggled so hard to find were sitting right in front of us for so long that we somehow overlooked them. When the Department of Homeland Security,...

Modernization of Authentication: Webinar on MFA, Passwords, and the Shift to Passwordless
2024-10-07 10:05

The interest in passwordless authentication has increased due to the rise of hybrid work environments and widespread digitization. This has led to a greater need for reliable data security and...

Session Hijacking 2.0 — The Latest Way That Attackers are Bypassing MFA
2024-09-30 11:20

Attackers are increasingly turning to session hijacking to get around widespread MFA adoption. The data supports this, as: 147,000 token replay attacks were detected by Microsoft in 2023, a 111%...

MFA bypass becomes a critical security issue as ransomware tactics advance
2024-09-24 03:00

Ransomware is seen as the biggest cybersecurity threat across every industry, with 75% of organizations affected by ransomware more than once in the past 12 months – a jump from 61% in 2023,...

Snowflake slams 'more MFA' button again – months after Ticketmaster, Santander breaches
2024-09-16 16:45

Now it's the default for all new accounts Snowflake continues to push forward in strengthening its users' cybersecurity posture by making multi-factor authentication the default for all new accounts.…

UK trio pleads guilty to running $10M MFA bypass biz
2024-09-03 21:30

Crew bragged they could help crooks raid victims' bank accounts Updated A trio of men have pleaded guilty to running a multifactor authentication (MFA) bypass ring in the UK, which authorities...