The Latest in IT Security

Large-Scale Phishing Campaign Bypasses MFA

13
Jul
2022
Large-Scale Phishing Campaign Bypasses MFA

image credit: pixabay

Microsoft researchers have uncovered a massive phishing campaign that can steal credentials even if a user has multi-factor authentication (MFA) enabled and has so far attempted to compromise more than 10,000 organizations.

The campaign, which has been active since September 2021, depends upon the use of adversary-in-the-middle (AiTM) phishing sites in the initial attacks to hijack session cookies and steal credentials. From there, attackers can access victims’ user mailboxes to launch further attacks against other targets, the Microsoft 365 Defender Research Team from the Microsoft Threat Intelligence Center (MTIC) wrote in a blog post published Tuesday.

Read More

Comments are closed.

Categories

SATURDAY, AUGUST 13, 2022
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments