it.tmcnet

ADFS Exposed: The Reality About this Not-So-Simple Single Sign-On

To make it easier for employees to access all their mission-critical applications in the cloud, many enterprises are turning to single sign-on solutions, the most popular of which is Microsoft (News - ...
Dark Reading

Attacks Targeting ADFS Token Signing Certificates Could Become Next Big Threat

Conventional access control and detection mechanisms alone are no longer sufficient to protect enterprise Active Directory Federation Services (ADFS) environments against targeted attacks. With ...
Bleeping Computer

Microsoft: Russian malware hijacks ADFS to log in as anyone in Windows

Microsoft has discovered a new malware used by the Russian hacker group APT29 (a.k.a. NOBELIUM, Cozy Bear) that enables authentication as anyone in a compromised network. As a state-sponsored ...
Infosecurity-magazine.com

Sophisticated Phishing Attack Bypasses Microsoft ADFS MFA

A new phishing campaign has been observed targeting organizations using Microsoft Active Directory Federation Services (ADFS), leveraging spoofed login pages to steal credentials and bypass ...
Bleeping Computer

Hackers steal Microsoft logins using legitimate ADFS redirects

Hackers are using a novel technique that combines legitimate office.com links with Active Directory Federation Services (ADFS) to redirect users to a phishing page that steals Microsoft 365 logins.
Redmond Magazine

Microsoft Eliminates Need for ADFS with Azure Active Directory Certificate-Based Authentication Preview

Microsoft on Monday announced the availability of Azure Active Directory certificate-based authentication (CBA) at the public preview stage. CBA lets organizations authenticate with Azure AD using ...