Cybersecurity researchers discovered a method to bypass Microsoft’s MFA by exploiting device code authentication and Primary Refresh Tokens (PRTs). This technique allows attackers to register Windows Hello keys, creating a persistent backdoor. The attack manipulates request parameters to force MFA, complicating detection for users and administrators alike. Prevention demands strict MFA enforcement and vigilant monitoring strategies.
How CISOs Can Successfully Lead Security Transformation in Hybrid Work Environments
CISOs face challenges in hybrid work models, requiring a shift from traditional security to a dynamic approach. They must lead cultural change, engage with leadership,
