Bleeping Computer

Microsoft Entra "security defaults" to make MFA setup mandatory

Microsoft says it will improve security across Entra tenants where security defaults are enabled by making multifactor authentication (MFA) registration mandatory. This move is part of the company's ...

North Korean hackers using malicious QR codes in spear phishing, FBI warns

To defend against Kimsuky’s advanced quishing attacks, the FBI recommends a “multi-layered” security strategy, which includes ...
Hosted on MSN

QR codes are being hijacked to bypass MFA protections

This is just one of the weaknesses of QR codes - the implicit trust that the code will take you where you want to go. New Sophos research has explored how an attack plays out after one of its own ...
Dark Reading

'ONNX' MFA Bypass Targets Microsoft 365 Accounts

A highly organized phishing-as-a-service operation (PhaaS) is targeting Microsoft 365 accounts across financial firms with business email compromise (BEC) attacks that leverage a two-factor ...