Black Hills InfoSec - Exploiting MFA Inconsistencies on Microsoft Services
Beau Bullock // Overview On offensive engagements, such as penetration tests and red team assessments, I have been seeing inconsistencies in how MFA is applied to the various Microsoft services. Across Microsoft 365 and Azure, there are multiple endpoints. These endpoints can all be configured under different Conditional Access policy settings, which sometimes lead to […]
The post Exploiting MFA Inconsistencies on Microsoft Services appeared first on Black Hills Information Security.
from Black Hills Information Security https://www.blackhillsinfosec.com/exploiting-mfa-inconsistencies-on-microsoft-services/
Comments
Post a Comment