How to bypass MFA in Azure and O365: part 3

This is the third and last part of our series about how to bypass MFA in Azure and O365. In this article, we share our advice on how you can defend your organization against the attacks we described in parts 1 and 2.

Authentication context: what, why and when?

Conditional Access authentication context is currently in public preview. It is a Zero Trust control plane that allows you to apply different access policies within all apps. Why, when and how do we use it?

How to bypass MFA in Azure and O365: part 2

In the first part of this series about how to bypass MFA in Azure and O365, we discussed how SSO works and how an attacker can abuse this. In this second part, we elaborate on a more complex attack technique based on MFA in Azure and O365.

How to bypass MFA in Azure and O365: part 1

This is part one of three blog posts about bypassing MFA in Azure AD and Office 365. In this first part, we explain how Single Sign-On (SSO) works and how an attacker might abuse this.

Turn off Azure AD ‘Application consent by users’ now!

SecWise has seen a growing number of attacks that rely on the application consent default configuration in Azure AD, which allows threat actors to get access to users’ data, mails and more. It is strongly advised to turn off this feature as soon as possible!

Azure Active Directory: IAM for the future

When talking to customers about Microsoft 365 security, we often kick off by reviewing the security of Azure Active Directory. Whether you are using O365 (E1 or E3), Intune (or any other product from the EMS Suite) or Azure IaaS and PaaS services, you already have Azure Active Directory! In this blog post, we highlight the most important Azure AD features that you should be aware of.