As online users become increasingly aware of and use multifactor authentication (MFA), attackers are devising new ways to circumvent the technology — and often with great success. Earlier this month, for example, security firm Proofpoint reported its disclosure of critical vulnerabilities in Microsoft WS-Trust that could be used to circumvent MFA on cloud services that use the technology — chief among them, Microsoft 365.

Read full article on Dark Reading