Source |
CSO |
Identifiant |
6501387 |
Date de publication |
2022-08-24 05:00:00 (vue: 2022-08-24 13:05:36) |
Titre |
Sophisticated BEC scammers bypass Microsoft 365 multi-factor authentication |
Texte |
and hackers have developed ways to bypass multi-factor authentication (MFA) on cloud productivity services like Microsoft 365 (formerly Office 365).A BEC attack recently analyzed by cloud incident response company Mitiga used an adversary-in-the-middle (AitM) phishing attack to bypass Microsoft Office 365 MFA and gain access to a business executive's account and then managed to add a second authenticator device to the account for persistent access. According to the researchers, the campaign they analyzed is widespread and targets large transactions of up to several million dollars each.To read this article in full, please click here |
Envoyé |
Oui |
Condensat |
365 access according account add adversary aitm analyzed article attack authentication authenticator bec business bypass campaign click cloud company developed device dollars each executive factor formerly full gain hackers have here incident large like managed mfa microsoft middle million mitiga multi office persistent phishing please productivity read recently researchers response scammers second services several sophisticated targets then transactions used ways widespread |
Tags |
|
Stories |
|
Notes |
|
Move |
|