Security · 3h ago
Azure CLI Password Spray Attack Bypasses MFA in Microsoft 365
A password spray campaign targeting Azure CLI sign-ins exploited narrow Conditional Access policies, compromising Microsoft 365 accounts despite MFA being enabled. The attack highlights a gap where MFA is not enforced for CLI tools, leaving organizations exposed. Microsoft recommends broader MFA policies to cover all authentication methods.
Meridian48 take
This is a reminder that MFA is only as strong as the policies enforcing it—organizations must ensure coverage extends beyond web portals to CLI and API access.
Read the full reporting
Azure CLI Password Spray Attack Exposes Microsoft 365 MFA Gap →
TechRepublic
azure-climfa-bypass