Bleeping Computer

OAuth Device Code Phishing: Azure vs. Google Compared

Come along with me on a journey as we delve into the swirling, echoing madness of identity attacks. Today, I present a case study on how different implementations of OAuth 2.0, the core authentication ...
Infosecurity-magazine.com

Russian Hackers Target Microsoft 365 Accounts with Device Code Phishing

Multiple Russian nation-state actors are targeting sensitive Microsoft 365 accounts via device code authentication phishing, a new analysis by Volexity has revealed. The firm first observed this ...
Hosted on MSN

The growing threat of device code phishing and how to defend against It

Just as we think we’re getting one step ahead of cybercriminals, they find a new way to evade our defenses. The latest method causing trouble for security teams is that of device code phishing, a ...
Bleeping Computer

Hackers target Microsoft Entra accounts in device code vishing attacks

This authentication flow is similar to what you see when logging into a streaming service, such as Netflix or Apple TV, where the streaming device displays a short code and instructs you to visit a ...

Text Message 2FA Is a Weak Link and These Options Are Stronger

Text message two-factor authentication sounds like a security upgrade. It feels official. It looks responsible. Yet it often ...
TechCrunch

Authy Now Lets You Use Its Two-Factor Authentication System On Multiple Devices

Two-factor authentication is one of the most effective ways to keep your accounts safe, but it also means that if you ever lose your phone and don’t have access to a backup code, you won’t be able to ...