Massive Attacks Bypass Mfa On Office 365 And G Suite Accounts Via Imap Protocol Cayosoft

By switzerlandersing On Sep 11, 2025

Massive Attacks Bypass MFA On Office 365 And G Suite Accounts Via IMAP Protocol - Cayosoft

Massive Attacks Bypass MFA On Office 365 And G Suite Accounts Via IMAP Protocol - Cayosoft Over the past months, threat actors have targeted office 365 and g suite cloud accounts using the imap protocol to bypass multi factor authentication (mfa). Massive imap based password spraying attacks successfully breached microsoft office 365 and g suite accounts, circumventing multi factor authentication (mfa) according to an.

Massive Attacks Bypass MFA On Office 365 And G Suite Accounts Via IMAP Protocol - Cayosoft

Massive Attacks Bypass MFA On Office 365 And G Suite Accounts Via IMAP Protocol - Cayosoft A novel credential phishing scheme allows hackers to take over microsoft accounts with a 50% success rate, even with mfa enabled. Over the past several months, threat actors have been increasingly targeting office 365 and g suite cloud accounts that are using the legacy imap protocol, in an attempt to bypass multi factor authentication (mfa), proofpoint reports. Proofpoint, a software security company, has discovered that threat actors are using legacy imap protocols to bypass multi factor authentication on office 365 and g suite accounts. multi factor authentication (mfa) systems check the identity of a user before allowing them to access the account. A critical vulnerability in microsoft’s multi factor authentication (mfa) system has left millions of accounts exposed to unauthorized access. discovered by oasis security, the flaw allows attackers to bypass mfa, impacting over 400 million office 365 paid users.

Multi-Factor Authentication (MFA) Bypass | Secureworks

Multi-Factor Authentication (MFA) Bypass | Secureworks Proofpoint, a software security company, has discovered that threat actors are using legacy imap protocols to bypass multi factor authentication on office 365 and g suite accounts. multi factor authentication (mfa) systems check the identity of a user before allowing them to access the account. A critical vulnerability in microsoft’s multi factor authentication (mfa) system has left millions of accounts exposed to unauthorized access. discovered by oasis security, the flaw allows attackers to bypass mfa, impacting over 400 million office 365 paid users. Multi factor authentication can prevent accounts from being accessed if passwords are stolen or obtained using brute force tactics; however, proofpoint has discovered that multi factor authentication is being bypassed on office 365 and g suite accounts using the legacy imap protocol. These illegitimate brute force attacks utilize the internet message access protocol (imap) which bypasses multi factor authentication (mfa) and out of what was observed, approximately 25% of users experienced a successful breach. We recently encountered an incident where two accounts in our tenant, which had multi factor authentication (mfa) enforced, were compromised. the attacker managed to bypass mfa and gained access to the accounts, sending spam emails and attempting to further infiltrate our organization. Massive imap based password spraying attacks successfully breached microsoft office 365 and g suite accounts, circumventing multi factor authentication (mfa) according to an analysis by proofpoint.