Forbes

Microsoft Password Spray And Pray Attack Targets Accounts Without 2FA

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Update, Feb. 27, 2025: This story, originally published Feb.
Virtualization Review

Hackers Target Microsoft 365 'Legacy Authentication' 10x More than MFA, Report Says

Just in case the drumbeat to adopt Multi-Factor Authentication (MFA) hasn't yet sunk in, a new report from Okta reveals that organizations using Microsoft 365 "Legacy Authentication" (like passwords) ...
Geeky Gadgets

Microsoft’s Big Security Shift : Is Your MFA Setup at Risk?

What if the very tools you rely on to secure your organization’s data are quietly becoming obsolete? That’s the reality facing businesses as Microsoft prepares to retire its legacy Multi-Factor ...
CSOonline

How to disable basic authentication in Microsoft Office 365

If you've implemented multi-factor authentication, you should disable the default basic authentication to make sure attackers can't exploit it. Attackers will go after weaker credentials and passwords ...
Redmond Magazine

Exchange Online Forensics Now Bolstered by Session ID Info

Organizations using the Exchange Online e-mail messaging service now are getting the ability to use session ID information in Exchange Online audit logs to better detect attacks. The ability to use ...
KXAN

Guardz Uncovers Sophisticated Campaign Exploiting Legacy Authentication in Microsoft Entra ID

The Guardz Research Unit uncovered a coordinated cyber campaign using outdated login methods to bypass MFA and infiltrate cloud environments by attempting to exploit basic authentication protocols The ...