Tag: Conditional Access

The Serverless Spectre: How TokenFlare is Redefining M365 Phishing with Built-In Intune Bypasses
TokenFlare: Serverless AITM Phishing Simulation Framework for Entra ID / M365. Features: Lean: Core logic (in src/worker.js, only ~530 lines of JavaScript). Modular: Supports a number of OAuth flows, with Intune Conditional Access bypass support out of the box. Easily tweaked: Set up client branding, URL structure (custom lure path and parameter), final redirect after completing auth, and more,…

The Trusted Trap: How Hackers Weaponize Microsoft’s Own Login Flows to Bypass MFA
Proofpoint is warning of a surge in phishing attacks in which attackers hijack corporate Microsoft 365 accounts not through fake login pages, but via a perfectly legitimate OAuth mechanism—device code authorization. Victims are persuaded to enter a “one-time code” on an authentic Microsoft site, inadvertently granting attackers an access token that enables account takeover, data…