Microsoft 365 accounts targeted in wave of OAuth phishing attacks

Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code ...
PC World

How to set up two-factor authentication for Facebook, Google, Microsoft, and more

Two-factor authentication may not be as sexy as the latest Android phone, but the technology is capturing news headlines, and deservedly so. Last week, Microsoft began rolling out this security tool ...
Security Boulevard

Surge of OAuth Device Code Phishing Attacks Targets M365 Accounts

Financially motivated and nation-state threat groups are behind a surge in the use of device code phishing attacks that abuse Microsoft's legitimate OAuth 2.0 device authorization grant flow to trick ...
PC World

Two-factor authentication explained: How to choose the right level of security for every account

If you aren’t already protecting your most personal accounts with two-factor or two-step authentication, you should be. An extra line of defense that’s tougher than the strongest password, 2FA is ...
The Hacker News

Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

A Russia-aligned threat group uses Microsoft 365 device code phishing to steal credentials and take over accounts, tracked ...
Infosecurity-magazine.com

The Growing Threat of Broken Authentication Attacks on APIs

Application programming interfaces (APIs) are integral to the functionality of the internet today. By enabling communications between programs, they make many processes more efficient and convenient, ...