New downgrade attack can bypass FIDO auth in Microsoft Entra ID

Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and session hijacking. [...]

https://www.bleepingcomputer.com/news/security/new-downgrade-attack-can-bypass-fido-auth-in-microsoft-entra-id/

Posted from: this blog via Microsoft Power Automate.

Comments

Popular posts from this blog