Dark Reading

Attacks Targeting ADFS Token Signing Certificates Could Become Next Big Threat

Conventional access control and detection mechanisms alone are no longer sufficient to protect enterprise Active Directory Federation Services (ADFS) environments against targeted attacks. With ...
Bleeping Computer

Microsoft: Russian malware hijacks ADFS to log in as anyone in Windows

Microsoft has discovered a new malware used by the Russian hacker group APT29 (a.k.a. NOBELIUM, Cozy Bear) that enables authentication as anyone in a compromised network. As a state-sponsored ...
Redmond Magazine

Microsoft Eliminates Need for ADFS with Azure Active Directory Certificate-Based Authentication Preview

Microsoft on Monday announced the availability of Azure Active Directory certificate-based authentication (CBA) at the public preview stage. CBA lets organizations authenticate with Azure AD using ...
Infosecurity-magazine.com

Sophisticated Phishing Attack Bypasses Microsoft ADFS MFA

A new phishing campaign has been observed targeting organizations using Microsoft Active Directory Federation Services (ADFS), leveraging spoofed login pages to steal credentials and bypass ...
InfoQ

Eugenio Pace on Identity Federation, WIF and ADFS 2.0

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Redmond Magazine

Microsoft Eases ADFS Shifts with New Azure Active Directory Capabilities

Microsoft on Monday announced some Azure Active Directory enhancements to help organizations shift away from using Active Directory Federation Services (ADFS). Most of the enhancements were described ...
Bleeping Computer

How to protect your ADFS from password spraying attacks

A password spraying attack is a specialized password attack commonly used by attackers that is reasonably effective and helps avoid detection by traditional password defenses. Instead of trying many ...