Microsoft Warns of Large-Scale AiTM Phishing Attacks Against Over 10,000 Organizations,
Microsoft on Tuesday disclosed that a large-scale phishing campaign targeted over 10,000 organizations since September 2021 by hijacking Office 365’s authentication process even on accounts secured with multi-factor authentication (MFA).
« The attackers then used the stolen credentials and session cookies to access affected users’ mailboxes and perform follow-on business email compromise (BEC)
« The attackers then used the stolen credentials and session cookies to access affected users’ mailboxes and perform follow-on business email compromise (BEC)
,
Microsoft on Tuesday disclosed that a large-scale phishing campaign targeted over 10,000 organizations since September 2021 by hijacking Office 365’s authentication process even on accounts secured with multi-factor authentication (MFA).
« The attackers then used the stolen credentials and session cookies to access affected users’ mailboxes and perform follow-on business email compromise (BEC)
« The attackers then used the stolen credentials and session cookies to access affected users’ mailboxes and perform follow-on business email compromise (BEC)
, ,
https://thehackernews.com/2022/07/microsoft-warns-of-large-scale-aitm.html