MFA Bypass Bugs Opened Microsoft 365 to Attack

Bugs in the multi-factor authentication system used by Microsoft’s cloud-based office productivity platform, Microsoft 365, opened the door for hackers to access cloud applications via a bypass of the security system under, according to researchers at Proofpoint. The flaws exist in the implementation of what is called the WS-Trust specification in cloud environments where WS-Trust is enabled and used with Microsoft 365, formerly called Office 365.

Read full article on Threat Post