MFA Bypass Bugs Opened Microsoft 365 to Attack

MFA Bypass Bugs Opened Microsoft 365 to Attack

Vulnerabilities ‘that have existed for years’ in WS-Trust could be exploited to attack other services such as Azure and Visual Studio.

Bugs in the multi-factor authentication system used by Microsoft’s cloud-based office productivity platform, Microsoft 365, opened the door for hackers to access cloud applications via a bypass of the security system, according to researchers at Proofpoint.

The flaws exist in the implementation of what is called the WS-Trust specification in cloud environments where WS-Trust is enabled and used with Microsoft 365, formerly called Office 365. WS-Trust is an OASIS standard that provides extensions to WS-Security and is used for renewing and validating security tokens, brokering trust relationships – part of a secure message-exchange architecture.

The Organization for the Advancement of Structured Information Standards (OASIS), is a non-profit consortium that promotes open standards in security.

cloud security vulnerabilities web security authentication azure cloud computing covid-19 mfa multi-factor authentication office 365 proofpoint threat actors visual studio ws-trust

What is Geek Coin

What is GeekCash, Geek Token

Best Visual Studio Code Themes of 2021

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Multi-cloud Spending: 8 Tips To Lower Cost

Mismanagement of multi-cloud expense costs an arm and leg to business and its management has become a major pain point. Here we break down some crucial tips to take some of the management challenges off your plate and help you optimize your cloud spend.

How To Set Up Two-Factor Authentication in cPanel

What is 2FA Two-Factor Authentication (or 2FA as it often referred to) is an extra layer of security that is used to provide users an additional level of protection when securing access to an account.

Majority of Microsoft 365 Admins Don't Enable MFA

Beyond admins, researchers say that 97 percent of all total Microsoft 365 users do not use multi-factor authentication. Over and above admins, researchers say that 97 % of all full Microsoft 365 users do not use multi-factor authentication. Up to 78 percent of Microsoft 365 ...

Data Security in Cloud Computing: Top 6 Factors To Consider

Data Security in Cloud Computing: Top 6 Factors To Consider. Do you want to know about Data Security in Cloud Computing? Then this article is for you; it lists everything you need to know about Data Security in Cloud Computing.  

3 Secrets for a Successful Microsoft Office 365 Migration

Damco's Office 365 Migration Services facilitate data migration from diverse environments to Office 365 and efficient integration with other cloud services/apps.