all InfoSec news
How attackers use and abuse Microsoft MFA
Help Net Security www.helpnetsecurity.com
Microsoft has been pushing for the use of multi-factor authentication (MFA) to thwart attackers for many years. But threat actors are keeping up with the increasing enterprise adoption of MFA and are constantly coming up with ways to bypass the additional protection it offers. We have already seen attacks involving SIM swapping, exploitation of vulnerabilities, rogue apps, legacy authentication protocols, MFA prompt bombing (aka MFA fatigue), stolen session cookies, and (custom) phishing kits with MFA-bypassing … More →
The post …
abuse account hijacking attackers don't miss features hot stuff mandiant mfa microsoft microsoft 365 mitiga