Clever Phishing Attack Bypasses MFA to Nab Microsoft Office 365 Credentials – Expert Reaction

Read the original article: Clever Phishing Attack Bypasses MFA to Nab Microsoft Office 365 Credentials – Expert Reaction


Cofence has discovered an attack that bypasses MFA to nab Microsoft 365 credentials. Researchers at Cofense Phishing Defense Center discovered the tactic, which leverages the OAuth2 framework and OpenID Connect (OIDC) protocol and uses a malicious SharePoint link to trick users into granting permissions to a rogue application, researcher Elmer Hernandez wrote in a blog post published …

The ISBuzz Post: This Post Clever Phishing Attack Bypasses MFA to Nab Microsoft Office 365 Credentials – Expert Reaction appeared first on Information Security Buzz.


Read the original article: Clever Phishing Attack Bypasses MFA to Nab Microsoft Office 365 Credentials – Expert Reaction