Security News

Cybercriminals are increasingly posing as multi-factor authentication vendors and small businesses are becoming more popular targets, according to VIPRE. Attachment-based malspam is on the rise. The report also concluded that attachment-based malspam is on the rise, by a significant 22% when compared to malspam with links.

Microsoft has started enforcing number matching in Microsoft Authenticator push notifications to fend off multi-factor authentication fatigue attacks. As previously announced, Microsoft will start enforcing number matching for Microsoft Authenticator MFA alerts to block MFA fatigue attack attempts across tenants beginning today.

The report revealed a significant increase in MFA deployment for customers, which jumped to 57% from 45%. "Not all MFA is equal, and even though businesses know legacy MFA tools are not effective to stay secure, we're seeing they're still using them as primary tools of defense," said Ronnie Manning, CMO, Yubico. "Now more than ever, education around the importance of phishing-resistant MFA is critical to officially move away from legacy MFA tools that are leaving thousands of businesses exposed to cyberattacks around the world," Manning continued.

Cryptocurrency thieves are targeting users of Chromium-based browsers - Google Chrome, Microsoft Edge, Brave Browser, and Opera - with an extension that steals credentials and can grab multi-factor authentication codes. Dubbed Rilide by Trustwave researchers, the extension mimics the legitimate Google Drive extension while, in the background, it disables the Content Security Policy, collects system information, exfiltrates browsing history, takes screenshots, and injects malicious scripts.

New research from Microsoft's Threat Intelligence team exposed the activities of a threat actor named DEV-1101, which started advertising for an open-source phishing kit to deploy an adversary-in-the-middle campaign. According to Microsoft, the threat actor described the kit as a phishing application with "Reverse-proxy capabilities, automated setup, detection evasion through an antibot database, management of phishing activity through Telegram bots, and a wide range of ready-made phishing pages mimicking services such as Microsoft Office or Outlook."

Microsoft will soon fast-track multi-factor authentication adoption for its Microsoft 365 cloud productivity platform by adding MFA capabilities to the Outlook email client. The company says in a new Microsoft 365 roadmap entry that users will be able to complete MFA requests for Microsoft 365 apps directly in the Outlook app via a new feature dubbed Authenticator Lite.

Are you as protected as you should be? Maybe it's time for you to re-evaluate your MFA. As a follow-up, explore this eBook to learn more about Silverfort's Unified Identity Protection approach to MFA and gain insight into how to assess your existing protections and relative risk exposure. In the same manner, if attackers can move laterally in your environment by providing compromised credentials to command line access tools, it no longer matters that you have MFA protection for RDP and desktop login.

Passwords are a mess, MFA can be more of a stopgap than a solution to phishing and running your own public key infrastructure for certificates is a lot of work. Ironically, if you're a security-aware organization in a regulated industry that already did the hard work of adopting the previous gold standard - smartcards that hold a security certificate and validate it against a certificate authority on your infrastructure - you might find yourself stuck running ADFS as you try to move to the new FIDO keys.

A common threat targeting businesses is MFA fatigue attacks-a technique where a cybercriminal attempts to gain access to a corporate network by bombarding a user with MFA prompts until they finally accept one. Using MFA Fatigue attacks, cybercriminals bombard their victims with repeated 2FA push notifications to trick them into authenticating their login attempts to increase their chances of gaining access to sensitive information.

MFA protects a system, location, or sensitive data from being accessed by an unauthorized user. MFA systems also consider a one-time password/code received by the user via SMS or authenticator app as a possession factor.