The Hacker News

Where Multi-Factor Authentication Stops and Credential Abuse Starts

Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.

Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys

Microsoft is rolling out passkey support for Microsoft Entra on Windows devices, adding phishing-resistant passwordless authentication via Windows Hello.

Europol-coordinated action disrupts Tycoon2FA phishing platform

An international law enforcement operation coordinated by Europol has disrupted Tycoon2FA, a major phishing-as-a-service ...