Bleeping Computer

Hackers steal Microsoft logins using legitimate ADFS redirects

Hackers are using a novel technique that combines legitimate office.com links with Active Directory Federation Services (ADFS) to redirect users to a phishing page that steals Microsoft 365 logins.
Infosecurity-magazine.com

Sophisticated Phishing Attack Bypasses Microsoft ADFS MFA

A new phishing campaign has been observed targeting organizations using Microsoft Active Directory Federation Services (ADFS), leveraging spoofed login pages to steal credentials and bypass ...
Bleeping Computer

Hackers spoof Microsoft ADFS login pages to steal credentials

A help desk phishing campaign targets an organization's Microsoft Active Directory Federation Services (ADFS) using spoofed login pages to steal credentials and bypass multi-factor authentication (MFA ...
Redmond Magazine

Microsoft Describes 'MagicWeb' Attacks Using Active Directory Federation Services

Microsoft on Wednesday described "MagicWeb" attacks by an advanced persistent threat group called "Nobelium," advising organizations using Active Directory Federation Services (ADFS) to take hardening ...