The Hacker News

Where Multi-Factor Authentication Stops and Credential Abuse Starts

Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.
Threat Post

Microsoft’s May Patch Tuesday Updates Cause Windows AD Authentication Errors

Microsoft’s May Patch Tuesday update is triggering authentication errors. Microsoft is alerting customers that its May Patch Tuesday update is causing authentications errors and failures tied to ...
ZDNet

Microsoft's out-of-band patch fixes Windows AD authentication failures

Microsoft has released an out-of-band patch to fix authentication failures on Windows after installing the May 10, 2022 security update on Windows Server domain controllers. "An issue has been found ...
Dark Reading

Microsoft's Certificate-Based Authentication Enables Phishing-Resistant MFA

Microsoft has removed a key obstacle facing organizations seeking to deploy phishing-resistant multifactor authentication (MFA) by enabling certificate-based authentication (CBA) in Azure Active ...
Redmond Magazine

Microsoft Highlights Certificate-Based Authentication and FIDO2 Security Advances

Microsoft cited progress on enabling phishing-resistant authentications for organizations, in a Friday announcement. The announcement highlighted FIDO2 preview support for iOS and MacOS apps, ...
Bleeping Computer

Microsoft updates Azure AD with support for temporary passcodes

Azure Active Directory (Azure AD) now allows admins to issue time-limited passcodes that can be used to register new passwordless authentication methods, during Windows onboarding, or to recover ...