Hackers target Microsoft Entra accounts in device code vishing attacks

Threat actors are targeting technology, manufacturing, and financial organizations in campaigns that combine device code phishing and voice phishing (vishing) to abuse the OAuth 2.0 Device ...
CSO Online

New phishing campaign tricks employees into bypassing Microsoft 365 MFA

Unwitting employees register a hacker’s device to their account; the crook then uses the resulting OAuth tokens to maintain persistent access.
Biometric Update

WSO2 to help MOSIP’s passwordless authentication platform eSignet Go Thunder

The goal is to strengthen eSignet’s security, enhance its features and ease its scalability for global deployment, according ...