TheWindowsClub News

TheWindowsClub Tech News covers the latest Microsoft Windows 10 news, along with other products & services like Office, etc.

Hackers can bypass Multi-factor Authentication for Microsoft 365: Security experts

Security researchers have discovered critical vulnerabilities allowing attackers to bypass multi-factor authentication (MFA) for Microsoft 365. According to security researchers at Proofpoint, vulnerabilities in MFA implementation compromise user safety and privacy while interacting with cloud-based services. Attackers can potentially gain complete access to their victim’s account data including emails, files, and contacts.

Microsoft-365

“Most likely, these vulnerabilities have existed for years. We have tested several Identity Provider (IDP) solutions, identified those that were susceptible and resolved the security issues,” Proofpoint said in its blog post.

What caused this security trouble?

Researchers believe the way Microsoft 365 session login is designed was responsible for this major security crisis. Bugs in the implementation of the existing security mechanisms allowed attackers to exploit “inherently insecure protocol” (WS-Trust). For instance, attackers were able to spoof their target’s IP address to bypass MFA, courtesy of a simple request header manipulation.

Alterations to the user-agent header caused the IDP to identify the wrong protocol in the pretext of using Modern Authentication. Attackers can exploit the vulnerabilities to pivot from legacy protocol to the modern one. As a result, Microsoft logs the connection as “Modern Authentication” further fooling around with administrators and security engineers.

With attackers being able to bypass MFA, security folks at Microsoft 365 need to come up with an extra layer of security in the form of account compromise detection and remediation. Once vulnerabilities are discovered, attackers can exploit them in an automated fashion. What makes these vulnerabilities extremely difficult to detect is that they don’t appear on event logs.

As security risks and threats continue to cause trouble, the adoption of multi-factor authentication has significantly increased in the wake of the pandemic.

Applications of multi-factor authentication

The MFA can safeguard Microsoft 365 users against a number of security issues, as follows:

  • Real-time phishing
  • Channel hijacking
  • Legacy protocols

According to researchers, 97 percent of organizations were impacted by brute force attacks in the first half of 2020. 30 percent of those organizations had at least one compromised cloud account. Researchers discovered that 73 percent of all monitored tenants were targeted and 57 were compromised.

Read: Secure your Windows 10 computers with Microsoft 365 Business Premium.

Published on Tags: ,

TanmayPatange@TWCN

Tanmay loves writing about Technology, Internet, Apps, Social Media, and Cybersecurity. He also tracks OTT video content streaming space and likes to spend his weekends watching plays. You can contact him on Twitter @techtsp.

Share via
Facebook
X (Twitter)
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap