Redmond Magazine

Microsoft Alters Azure Active Directory Refresh Token Settings

Microsoft has changed the default settings for Azure Active Directory refresh tokens, but just for new tenancies. Refresh token expirations were causing access frustrations for end users, Microsoft ...
Bleeping Computer

New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...
Redmond Magazine

Microsoft Previews Hardware OATH Tokens with Azure Multifactor Authentication

Microsoft on Tuesday announced a preview of the ability to use hardware OATH tokens with the Azure multifactor authentication service. Hardware OATH tokens use physical objects, such as dongles and ...