New Azure AD Bug Lets Hackers Brute-Force Passwords Without Getting Caught

In The Hacker News - Original news source is thehackernews.com by Blog Writer

Post Sharing
Cybersecurity researchers have disclosed an unpatched security vulnerability in the protocol used by Microsoft Azure Active Directory that potential adversaries could abuse to stage undetected brute-force attacks.
“This flaw allows threat actors to perform single-factor brute-force attacks against Azure Active Directory (Azure AD) without generating sign-in events in the targeted organization’s