Security researchers from Proofpoint discovered critical security vulnerabilities with multi-factor authentication (MFA) implementations in the cloud environment where the WS-Trust is enabled. WS-Trust is a specification and OASIS standard designed to manage with the issuing, renewing, and validating of security tokens.
Read full article on GBHackers