Microsoft has shared details of a widespread phishing campaign that not only attempted to steal the passwords of targeted organisations, but was also capable of circumventing multi-factor authentication (MFA) defences. The attackers used AiTM (Attacker-in-The-Middle) reverse-proxy sites to pose as Office 365 login pages which requested MFA codes, and then use them to log into […]… Read More
The post 10,000 organisations targeted by phishing attack that bypasses multi-factor authentication appeared first on The State of Security.
This article has been indexed from The State of Security
Read the original article: