Cyberveilleby Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
9 résultats taggé MFA  ✕
When MFA isn't actually MFA https://retool.com/blog/mfa-isnt-mfa/
16/09/2023 12:22:57
QRCode
archive.org
thumbnail

Due to a recent Google change, MFA isn't truly MFA.

retool EN 2023 incident retool MFA SMS-based phishing attack GoogleAuthenticator
How Google Authenticator made one company’s network breach much, much worse https://arstechnica.com/security/2023/09/how-google-authenticator-gave-attackers-one-companys-keys-to-the-kingdom
16/09/2023 12:21:15
QRCode
archive.org
thumbnail

Google's app for generating MFA codes syncs to user accounts by default. Who knew?

arstechnica EN 2023 MFA GoogleAuthenticator
Okta customers targeted in social engineering scam https://www.scmagazine.com/news/okta-customers-targeted-in-social-engineering-scam
06/09/2023 14:23:10
QRCode
archive.org
thumbnail

Help desk staff duped into resetting MFA on Okta super admin accounts, allowing threat actors to move laterally across targeted organizations.

scmagazine EN 2023 Okta phishing MFA scam
Bitwarden password vaults targeted in Google ads phishing attack https://www.bleepingcomputer.com/news/security/bitwarden-password-vaults-targeted-in-google-ads-phishing-attack/
08/02/2023 17:03:24
QRCode
archive.org
thumbnail

Bitwarden and other password managers are being targeted in Google ads phishing campaigns to steal users' password vault credentials.

bleepingcomputer EN 2023 1Password Bitwarden GoogleAds googleads MFA Multi-Factor-Authentication Password-Manager Passwords Phishing
EvilProxy Phishing-as-a-Service with MFA Bypass Emerged in Dark Web https://resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web
05/09/2022 14:06:10
QRCode
archive.org

Following the recent Twilio hack leading to the leakage of 2FA (OTP) codes, cybercriminals continue to upgrade their attack arsenal to orchestrate advanced phishing campaigns targeting users worldwide. Resecurity has recently identified a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised in the Dark Web. On some sources the alternative name is Moloch, which has some connection to a phishing-kit developed by several notable underground actors who targeted the financial institutions and e-commerce sector before.

Resecurity EN 2022 EvilProxy Phishing-as-a-Service MFA Bypass 2FA
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud https://www.microsoft.com/security/blog/2022/07/12/from-cookie-theft-to-bec-attackers-use-aitm-phishing-sites-as-entry-point-to-further-financial-fraud/
17/07/2022 21:33:46
QRCode
archive.org
thumbnail

A large-scale phishing campaign that attempted to target over 10,000 organizations since September 2021 used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and skip the authentication process, even if the user had enabled multifactor authentication (MFA).

microsoft EN 2022 phishing MFA AiTM hijack session
Ongoing phishing campaign can hack you even when you’re protected with MFA https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/
17/07/2022 21:30:40
QRCode
archive.org
thumbnail

Campaign that steals email has targeted at least 10,000 organizations since September.

arstechnica EN 2022 phishing microsoft MFA campaign
Multi-factor Authentication to Generate $27 Billion Globally for Mobile Operators in 2022, Juniper Research Study Finds https://www.businesswire.com/news/home/20220509005459/en/Juniper-Research-Multi-factor-Authentication-to-Generate-27-Billion-Globally-for-Mobile-Operators-in-2022-Juniper-Research-Study-Finds
17/05/2022 09:49:11
QRCode
archive.org
thumbnail

A new study by Juniper Research has found operators will generate $27 billion from the termination of SMS messages related to multi-factor authentication in 2022; an increase from $25 billion in 2021. The research predicts this 5% growth will be driven by increased pressure on digital service providers to offer secure authentication that reduces risk of data breaches and protects user identity. Multi-factor authentication combines multiple credentials to verify a user or transaction. This includes sending an SMS that contains a one‑time password or code to a user’s unique phone number.

businesswire Juniper EN 2022 Multi-factor MFA SMS Research Study Authentication Mobile
Lapsus$ and SolarWinds hackers both use the same old trick to bypass MFA https://arstechnica.com/information-technology/2022/03/lapsus-and-solar-winds-hackers-both-use-the-same-old-trick-to-bypass-mfa/
29/03/2022 09:10:49
QRCode
archive.org
thumbnail

Not all MFA is created equal, as script kiddies and elite hackers have shown recently.

arstechnica 2022 EN MFA prompt-bombing
1765 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn - Curated by Decio