-
NIS2 compliance: How to get passwords and MFA right
NIS2 puts identity and access controls under the spotlight, with weak passwords and poor authentication now a compliance risk. Specops Software explains how to align password policies and MFA with NIS2 requirements.
- December 18, 2025
- 10:01 AM
0
-
Your MFA Is Costing You Millions. It Doesn't Have To.
Passwords and app-based MFA add hidden costs through lost productivity, frequent resets, and risk of phishing and social engineering attacks. Token explains how wireless biometric, passwordless authentication eliminates credential-based attacks and delivers measurable financial returns by reducing login time across the enterprise.
- December 17, 2025
- 09:00 AM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Attackers Now Bypass App-Based MFA, Hardware Biometrics Stop Them
Tycoon 2FA enables turnkey real-time MFA relays behind 64,000+ attacks this year, proving legacy MFA collapses the moment a phishing kit targets it. Learn from Token Ring how biometric, phishing-proof FIDO2 hardware blocks these relay attacks before they succeed.
- November 18, 2025
- 10:01 AM
- 0
-
Why password controls still matter in cybersecurity
Passwords still matter — and weak policies leave the door wide open. Specops Software explains how longer passphrases, smarter banned-password lists, and adaptive rotation strategies can strengthen security without frustrating users.
- October 31, 2025
- 10:02 AM
- 0
-
Microsoft 365 outage blocks access to Teams, Exchange Online
Microsoft is working to resolve an ongoing outage preventing users from accessing Microsoft 365 services, including Microsoft Teams, Exchange Online, and the admin center.
- October 08, 2025
- 02:35 PM
- 0
-
Akira ransomware breaching MFA-protected SonicWall VPN accounts
Ongoing Akira ransomware attacks targeting SonicWall SSL VPN devices continue to evolve, with the threat actors found to be successfully logging in despite OTP MFA being enabled on accounts. Researchers suspect that this may be achieved through the use of previously stolen OTP seeds, although the exact method remains unconfirmed.
- September 28, 2025
- 02:49 PM
- 0
-
Microsoft now enforces MFA on Azure Portal sign-ins for all tenants
Microsoft says it has been enforcing multifactor authentication (MFA) for Azure Portal sign-ins across all tenants since March 2025.
- September 05, 2025
- 03:32 PM
- 1
-
Microsoft to enforce MFA for Azure resource management in October
Starting in October, Microsoft will enforce multi-factor authentication (MFA) for all Azure resource management actions to protect Azure clients from unauthorized access attempts.
- August 29, 2025
- 11:56 AM
- 0
-
MFA matters… But it isn’t enough on its own
MFA blocks 99% of attacks—but weak passwords still let attackers in. Specops helps you enforce strong password policies and MFA everywhere, so one layer doesn't undo the other. Book your free trial today.
- August 06, 2025
- 10:01 AM
- 0
-
Proton fixes Authenticator bug leaking TOTP secrets in logs
Proton fixed a bug in its new Authenticator app for iOS that logged users' sensitive TOTP secrets in plaintext, potentially exposing multi-factor authentication codes if the logs were shared.
- August 04, 2025
- 03:09 PM
- 6
-
Threat actors try to downgrade FIDO2 MFA auth in PoisonSeed phishing attack
A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals.
- July 19, 2025
- 01:41 PM
- 0
-
The MFA You Trust Is Lying to You – and Here's How Attackers Exploit It
MFA Authenticator apps aren't cutting it anymore. Attackers are bypassing legacy MFA with fake sites and real-time phishing. Token Ring and BioStick stop them cold—with fingerprint-bound hardware. Learn more from Token.
- July 09, 2025
- 10:02 AM
- 0
-
Overcoming Technical Barriers in Desktop and Application Virtualization
Exposed RDP ports are an open door for attackers. TruGrid SecureRDP enforces Zero Trust and MFA, blocks lateral movement, and secures remote access—no open firewall ports required. Learn more and get a free trial.
- July 08, 2025
- 10:09 AM
- 0
-
Microsoft confirms auth issues affecting Microsoft 365 users
Microsoft is investigating an ongoing incident that is causing users to experience errors with some Microsoft 365 authentication features.
- June 13, 2025
- 08:37 AM
- 0
-
MFA Failures - The Worst is Yet to Come
This article delves into the rising tide of MFA failures, the alarming role of generative AI in amplifying these attacks, the growing user discontent weakening our defenses, and the glaring vulnerabilities being frequently exploited. The storm is building, and the worst is yet to come.
- January 16, 2025
- 10:01 AM
- 0
-
Microsoft MFA outage blocking access to Microsoft 365 apps
Microsoft is investigating an ongoing Multi-Factor Authentication (MFA) outage that is blocking customers from accessing Microsoft 365 Office apps.
- January 13, 2025
- 05:51 AM
- 0
-
Google Cloud to make MFA mandatory by the end of 2025
Google has announced that multi-factor authentication (MFA) will be mandatory on all Cloud accounts by the end of 2025 to enhance security.
- November 05, 2024
- 03:07 PM
- 0
-
Microsoft Entra "security defaults" to make MFA setup mandatory
Microsoft says it will improve security across Entra tenants where security defaults are enabled by making multifactor authentication (MFA) registration mandatory.
- October 30, 2024
- 03:18 PM
- 0
-
Admins of MFA bypass service plead guilty to fraud
Three men have pleaded guilty to running OTP.Agency, an online platform that provided social engineering help to obtain one-time passcodes from customers of various banks and services in the U.K.
- September 02, 2024
- 01:46 PM
- 4
-
Microsoft: Enable MFA or lose access to admin portals in October
Microsoft warned Entra global admins on Thursday to enable multi-factor authentication (MFA) for their tenants until October 15 to ensure users don't lose access to admin portals.
- August 16, 2024
- 03:06 PM
- 0
