Redmond Magazine

Microsoft Eliminates Need for ADFS with Azure Active Directory Certificate-Based Authentication Preview

Microsoft on Monday announced the availability of Azure Active Directory certificate-based authentication (CBA) at the public preview stage. CBA lets organizations authenticate with Azure AD using ...
Bleeping Computer

Microsoft: Russian malware hijacks ADFS to log in as anyone in Windows

Microsoft has discovered a new malware used by the Russian hacker group APT29 (a.k.a. NOBELIUM, Cozy Bear) that enables authentication as anyone in a compromised network. As a state-sponsored ...
Network World

Microsoft pushes ADFS 2.0, federated identity for cloud security

At its TechEd conference, Microsoft is pushing Active Directory Federation Services (ADFS) as the foundation for identity in cloud computing environments. At its TechEd conference this week, Microsoft ...
Dark Reading

Microsoft ADFS Vulnerability Lets Attackers Bypass MFA

A newly discovered vulnerability in Microsoft's Active Directory Federation Services (ADFS) lets threat actors bypass multifactor authentication (MFA) as long as they have the username and password ...
Dark Reading

Efficient 'MagicWeb' Malware Subverts AD FS Authentication, Microsoft Warns

The attackers responsible for the SolarWinds supply chain attack have added a new arrow to their quiver of misery: A post-compromise capability dubbed MagicWeb, which is used to maintain persistent ...
Bleeping Computer

How to protect your ADFS from password spraying attacks

A password spraying attack is a specialized password attack commonly used by attackers that is reasonably effective and helps avoid detection by traditional password defenses. Instead of trying many ...
CSOonline

Microsoft pushes ADFS 2.0, federated ID for cloud

At its TechEd conference, Microsoft is pushing Active Directory Federation Services (ADFS) as the foundation for identity in cloud computing environments. At its TechEd conference this week, Microsoft ...