Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Research: Asian enterprises advancing AI without resilience strategies...
Penta Security Sets the Benchmark for Web Application Security, Earnin...
India bank domain registry exposed sensitive data in security lapse: e...
RainbowEx scam template scales to 236,493 domains with workplace spill...
SK shieldus Receives Frost & Sullivan’s 2026 APAC Customer V...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      S E Asia governments targeted by cyber-espionage group

      S E Asia governments targeted by cyber-espionage group

      Tuesday, June 23, 2026, 8:00 AM Asia/Singapore | Features
    • Featured

      Rethinking network and infrastructure design for resilience

      Rethinking network and infrastructure design for resilience

      Thursday, June 18, 2026, 2:17 PM Asia/Singapore | Features
    • Featured

      Bringing cybercriminals to justice in APAC

      Bringing cybercriminals to justice in APAC

      Thursday, June 11, 2026, 10:30 AM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • AWARDS 2026
  • Directory
  • E-Learning

Select Page

News

The days of multi-factor authentication SMS alerts are numbered

By CybersecAsia editors | Friday, May 22, 2026, 12:23 PM Asia/Singapore

The days of multi-factor authentication SMS alerts are numbered

Attackers used social engineering, MFA prompts, Azure tools, Graph API, Key Vault, and VMAccess to infiltrate accounts, persist access, exfiltrate data.

In the recent Storm-2949 campaign, attackers had focused on Microsoft 365 and Azure environments, and had used social engineering to pose as internal IT support. Victims were tricked into approving multi-factor authentication prompts (MFA), during what seemed like routine password reset activity — giving the attackers a foothold in the account recovery process.

Once inside, the group had reportedly reset passwords, removed existing authentication methods, and enrolled their own devices so they could keep access. From there, the attackers moved deeper into cloud environments using legitimate administrative tools and permissions rather than obvious malware.

Now, Microsoft is phasing out SMS-based login codes for personal accounts, as it pushes users toward passkeys, authenticator apps, and verified email recovery. The change comes as the firm also warns that attackers are increasingly abusing identity systems rather than breaking them with malware. Storm-2949 attacks had used Azure features, Graph API queries, Key Vault access, the Run command, and VMAccess extensions to blend into normal operations while exfiltrating data from Microsoft 365, storage accounts, databases, and production web apps. That approach made the activity harder to spot and underscored how much damage can follow a single compromised identity.

Security researchers say the shift reflects a broader industry lesson: text-message verification is convenient, but it is also vulnerable to phishing, SIM swapping, and social engineering. Microsoft’s own guidance now emphasizes phishing-resistant MFA, including passkeys and FIDO2-style methods. That recommendation matters because attackers in campaigns like Storm-2949 have shown they can work around traditional defenses by tricking users into approving prompts instead of stealing passwords outright.

The firm has also issued defensive advice to firms: require phishing-resistant MFA for privileged users, enforce least-privilege access, monitor risky management actions, and reduce dependence on legacy authentication paths. Also, stronger logging, careful control of Azure extensions, and broader Defender protections across cloud workloads are recommended.

This is a signal that identity is now the main attack surface, and securing it has become as important as protecting the network itself.

Share:

PreviousIs secure issuance a solved problem, or is the debate more complex?
NextLRQA Calls for Stronger AI Governance and Cyber Resilience Frameworks at CyberSecMY 2026

Related Posts

Yearly bad bot research shows a 9% drop in traffic since 2021

Yearly bad bot research shows a 9% drop in traffic since 2021

Thursday, October 26, 2023

The security dilemma of IoT devices and potential consequences

The security dilemma of IoT devices and potential consequences

Wednesday, December 23, 2020

Analysis of top 100 breaches in 2022 reveal a common denominator

Analysis of top 100 breaches in 2022 reveal a common denominator

Monday, March 13, 2023

Security is the top dampener of public cloud adoption: APAC study

Security is the top dampener of public cloud adoption: APAC study

Tuesday, February 25, 2020

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Cyber threats have become more frequent and sophisticated, targeting organizations of all sizes across all …Download Whitepaper
  • Zero Trust Made Simple: Why it matters and how to get started

    Zero Trust Made Simple: Why it matters and how to get started

    Data breaches and cyberattacks are no longer limited to large, high-profile organizations.Download Whitepaper
  • Cloud Secure Edge: Remote access, better security

    Cloud Secure Edge: Remote access, better security

    ​SonicWall Cloud Secure Edge™ is a modern, cloud-native Security Service Edge (SSE) solution that addresses …Download Whitepaper
  • Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • How a Vietnamese D2C retailer built its own secure digital infrastructure

    How a Vietnamese D2C retailer built its own secure digital infrastructure

    Would your organization build your own digital infrastructure – including AI governance and cybersecurity – …Read more
  • Cyber protection for medical clinics in Singapore

    Cyber protection for medical clinics in Singapore

    As Singapore’s healthcare sector becomes increasingly digital and interconnected, clinics are facing heightened cyber risks, …Read more
  • India’s WazirX strengthens governance and digital asset security

    India’s WazirX strengthens governance and digital asset security

    Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
  • Bangladesh LGED modernizes communication while addressing data security concerns

    Bangladesh LGED modernizes communication while addressing data security concerns

    To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more

Bottom sidebar

Other News

  • Penta Security Sets the Benchmark for Web Application Security, Earning Frost & Sullivan’s 2026 South Korea Company of the Year Recognition

    Thursday, July 2, 2026
    By combining intelligent threat detection, …Read More »
  • SK shieldus Receives Frost & Sullivan’s 2026 APAC Customer Value Leadership Recognition for Excellence in Cybersecurity Services

    Monday, June 29, 2026
    The company is recognized for …Read More »
  • Global Tech Shift: Tune Talk Launches World’s First Network-Enforced Child Safety Mobile Plan, Bypassing App-Level Limitations

    Saturday, June 27, 2026
    PETALING JAYA, Malaysia, June 26, …Read More »
  • DJI Enterprise Advances Industry with New Framework for Dock as First Responder (DFR) Deployments

    Thursday, June 25, 2026
    New White Paper Outlines Best …Read More »
  • At VivaTech 2026, Taiwan-Based MaiAgent Says Enterprises Should Stop Building RAG and AI Agent Systems From Scratch

    Friday, June 19, 2026
    TAIPEI and PARIS, June 19, …Read More »
  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2026 CybersecAsia All Rights Reserved.