Earlier this week, Uber disclosed that the recent breach it suffered was made possible through a multi-factor fatigue (MFA) attack where the attacker disguised themselves as Uber IT. MFA attacks are a form of social engineering consisting in spamming a target with repeated MFA requests until they eventually authorize access.

Read full article on InfoQ