Bleeping Computer

How to protect your ADFS from password spraying attacks

A password spraying attack is a specialized password attack commonly used by attackers that is reasonably effective and helps avoid detection by traditional password defenses. Instead of trying many ...
Redmond Magazine

Targeting Microsoft ADFS: How Phishing Campaigns Bypass Multi-Factor Authentication to ...

A sophisticated phishing campaign is targeting organizations that rely on Microsoft’s Active Directory Federation Services (ADFS), using spoofed login pages to harvest credentials and bypass ...
Dark Reading

Microsoft ADFS Vulnerability Lets Attackers Bypass MFA

A newly discovered vulnerability in Microsoft's Active Directory Federation Services (ADFS) lets threat actors bypass multifactor authentication (MFA) as long as they have the username and password ...
Redmond Magazine

Microsoft Lays Out Identity and Access Best Practices for IT Pros

The Microsoft Incident Response (IR) team this month published a fairly comprehensive guide for IT pros responsible for securing computing environments. The long "lessons learned" IR team post is for ...