Dark Reading

Microsoft Authenticator to Enforce Number Matching

Multifactor authentication (MFA) is an essential element of identity and access management, but it is not fail-proof, especially as attackers increasingly employ social-engineering tactics to bypass ...
Bleeping Computer

Microsoft enforces number matching to fight MFA fatigue attacks

Microsoft has started enforcing number matching in Microsoft Authenticator push notifications to fend off multi-factor authentication (MFA) fatigue attacks. In such attacks (also known as push bombing ...
CSOonline

Russian cyberspies defeat Microsoft number-matching 2FA policy with fake Teams messages

A Russian state-run cyberespionage group known as APT29 has been launching phishing attacks against organizations that use fake security messages over Microsoft Teams in an attempt to defeat Microsoft ...
CSOonline

Design flaw has Microsoft Authenticator overwriting MFA accounts, locking users out

With use of multi-factor authentication rising, end-users can find themselves fiddling with codes and authentication apps frequently throughout their days. For those who rely on Microsoft ...