Security Feed
  1. Archives

Aug 13 2025 New downgrade attack can bypass FIDO auth in Microsoft Entra ID

Source

Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and session hijacking. [...]

Posted by Bill Toulas on Wed 13 August 2025 in BleepingComputer.

Tags: Security, Microsoft.

Categories

  1. Ars Technica
  2. AWS Security
  3. BleepingComputer
  4. Brian Krebs
  5. Bruce Schneier
  6. GCP Security
  7. Google Project Zero
  8. The Daily Swig
  9. The Guardian
  10. The Register
  11. Threatpost

Tag cloud

  • Security
  • Uncategorized
  • Security, Identity, & Compliance
  • Biz & IT
  • Security Blog
  • Microsoft
  • Security & Identity
  • Google
  • cryptocurrency
  • AI
  • Announcements
  • Foundational (100)
  • A Little Sunshine
  • Legal
  • Apple
  • Artificial Intelligence
  • privacy
  • Mobile
  • squid
  • Advanced (300)
  • Intermediate (200)
  • The Coming Storm
  • hacking
  • Technical How-to
  • Best Practices

Security Feed. Powered by Pelican and m.css. Code is available on GitLab.