Authentication

Microsoft: Attackers are increasingly using token theft in cyberattacks to bypass MFA

The Microsoft Detection and Response Team (DART) has spotted an increase in attackers using token theft in the cloud to compromise corporate systems while bypassing multi-factor authentication (MFA) and other authentication controls.

Microsoft disables Basic authentication in Exchange Online to fight password spray attacks

Microsoft has disabled Basic authentication in Exchange Online tenants to help fight against password spray attacks. Attackers are stepping up attacks in anticipation, Microsoft warns.