US EditionPublished • loading... • Updated
Phishing Campaign Bypasses Multi-Factor Authentication From Microsoft 365
KnowBe4 Threat Labs has discovered a complex phishing campaign targeting US companies and professionals. The attacks compromise Microsoft-365 accounts (Outlook, Teams, Onedrive) by abusing the OAuth 2.0 device authorization flow, thereby outsmarting even strong passwords and multi-factor authentication (MFA). The victim is redirected to the legitimate Microsoft portal "https://microsoft.com/devicelogin" to enter a device code provided by the att…
This story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.1 Articles
1 Articles
KnowBe4 Threat Labs has discovered a complex phishing campaign targeting US companies and professionals. The attacks compromise Microsoft-365 accounts (Outlook, Teams, Onedrive) by abusing the OAuth 2.0 device authorization flow, thereby outsmarting even strong passwords and multi-factor authentication (MFA). The victim is redirected to the legitimate Microsoft portal "https://microsoft.com/devicelogin" to enter a device code provided by the att…
Coverage Details
Total News Sources1
Leaning Left0Leaning Right0Center0Last UpdatedBias DistributionNo sources with tracked biases.
Bias Distribution
- There is no tracked Bias information for the sources covering this story.
Factuality
To view factuality data please Upgrade to Premium
