Yahoo Finance

Phishing campaign targets Microsoft device-code authentication flows

This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. Russia-backed threat actors have attacked a ...
Hosted on MSN

The growing threat of device code phishing and how to defend against It

Just as we think we’re getting one step ahead of cybercriminals, they find a new way to evade our defenses. The latest method causing trouble for security teams is that of device code phishing, a ...
Dark Reading

Beware of Device Code Phishing

Device codes are alphanumeric or numeric codes employed for authenticating an account on a device that does not have a standard login interface, such as a browser or input-limited devices, where it is ...
TechRadar

Russian cyberattackers spotted hitting Microsoft Teams with new phishing campaign

Microsoft has spotted a new phishing attack vector in the wild Storm-2372 is stealing access tokens through Microsoft Teams The group has been linked to Russia with medium confidence A new phishing ...
Ars Technica

Russian spies use device code phishing to hijack Microsoft accounts

Overlooked attack method used since last August in a rash of account takeovers. Well, this sucks. But the target list makes sense, from the perspective of an enemy attacking. Ed: trying to be sure the ...
Redmond Magazine

Microsoft and Yubico Preview Certificate-Based Authentication for Mobile Devices Using Security Keys

Microsoft on Wednesday announced a preview of Azure Active Directory Certificate-Based Authentication (CBA) support for Android and iOS devices using hardware security keys. The Azure AD CBA support ...