A help desk phishing campaign uses spiofed login pages to target Microsoft Active Directory Federation Services (ADFS) within an organisation in order to obtain credentials and get around multi-factor authentication (MFA) protections. The campaign’s main targets, as reported by Abnormal Security, are government, healthcare, and educational institutions; at least 150 targets were chosen in the attack.
These assaults aim to infiltrate corporate email accounts to disseminate messages to additional victims within the organisation or launch financially driven attacks such as business email compromise (BEC), wherein payments are redirected to the perpetrators’ accounts.
Microsoft Active Directory Federation Services (ADFS) is an authentication system that enables users to log in once and then access various apps and services without having to enter their credentials again. It is often employed in large companies to enable single sign-on (SSO) for internal and cloud-based services.
The perpetrators send emails to targets impersonating their company’s IT team, requesting that they log in to
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: