The Latest in IT Security

MFA Bypass Bugs Opened Microsoft 365 to Attack

15
Sep
2020
MFA Bypass Bugs Opened Microsoft 365 to Attack

image credit: pixabay

Bugs in the multi-factor authentication system used by Microsoft’s cloud-based office productivity platform, Microsoft 365, opened the door for hackers to access cloud applications via a bypass of the security system, according to researchers at Proofpoint.

The flaws exist in the implementation of what is called the WS-Trust specification in cloud environments where WS-Trust is enabled and used with Microsoft 365, formerly called Office 365. WS-Trust is an OASIS standard that provides extensions to WS-Security and is used for renewing and validating security tokens, brokering trust relationships – part of a secure message-exchange architecture.

Related posts:
  1. Microsoft Teams Patch Bypass Allows RCE
  2. Working on the Holidays
  3. The perils of single sign-on
  4. Microsoft Azure Flaws Exposed RHEL Instances
  5. Beyond Trust: privilege, vulnerability management available through Azure

Read More

Tags:  
Written by Threatpost
0 Comments
Comments are closed.

Categories

SUNDAY, FEBRUARY 23, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments