The Latest in IT Security

Microsoft: 10,000 Organizations Targeted in Large-Scale Phishing Campaign

14
Jul
2022
Microsoft: 10,000 Organizations Targeted in Large-Scale Phishing Campaign

image credit: unsplash

As part of the campaign, the attackers have been using adversary-in-the-middle (AiTM) phishing sites to steal credentials, and have been hijacking sign-in sessions to bypass authentication even with multifactor authentication (MFA) enabled.

AiTM is a phishing technique in which the attackers deploy a proxy webserver between the user and the site they are trying to sign in to, to intercept the user’s credentials and their session cookie, which enables the user to remain authenticated to the site.

Related posts:
  1. Identity Fraud Losses Soared to $56 Billion in 2020, Javelin Researchers Find
  2. Fraudsters Build Up Phishing Repertoire for 2021 Tax Season. Are You Ready?
  3. Meta Sues Two Nigerians Who Lured Facebook Users to Phishing Sites
  4. Phishers target Netflix users, ask for info and photo of their ID
  5. A wave of Telegram hacks hits: How to protect your account

Read More

Tags:  
Written by Securityweek
0 Comments
Comments are closed.

Categories

MONDAY, FEBRUARY 24, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments