This big phish can swim around MFA, says Microsoft Security

A widespread phishing campaign that has hit more than 10,000 organizations since September 2021 uses adversary-in-the-middle (AiTM) proxy sites to get around multifactor authentication (MFA) features and steal credentials that are then used to compromise business email accounts. With AiTM phishing, cybercriminals place a proxy server between the targeted user and the website they’re trying to visit, enabling the miscrants to intercept and steal the user’s password and session cookie, which are implemented by web services after initial authentication so that the user doesn’t have to keep authenticating as they move through the site during the session.

Read full article on The Register

 


Date:

Categorie(s):