Cybersecurity researchers have uncovered a sophisticated technique to bypass Microsoft’s phishing-resistant multi-factor authentication (MFA) by exploiting the device code authentication flow and Primary Refresh Tokens (PRTs). This method allows attackers to register Windows Hello for Business keys, effectively creating a persistent backdoor even in environments with strict MFA policies. The technique was initially developed for […]
The post Researchers Find Way to Bypass Phishing-Resistant MFA in Microsoft Entra ID appeared first on Cyber Security News.
This article has been indexed from Cyber Security News