Security News

New phishing and business email compromise campaigns increase in complexity, bypass MFA
2023-06-13 22:15

A report from the Microsoft Defender Experts reveals a new multi-staged adversary in the middle phishing attack combined with a business email compromise attack targeting banking and financial institutions. The phishing email impersonates one of the target's trusted vendors to appear more legitimate and blend with legitimate email traffic and bypass detections, especially when an organization has policies to automatically allow emails from trusted vendors.

Cybercriminals masquerading as MFA vendors
2023-05-26 03:30

Cybercriminals are increasingly posing as multi-factor authentication vendors and small businesses are becoming more popular targets, according to VIPRE. Attachment-based malspam is on the rise. The report also concluded that attachment-based malspam is on the rise, by a significant 22% when compared to malspam with links.

Microsoft enforces number matching to fight MFA fatigue attacks
2023-05-08 16:25

Microsoft has started enforcing number matching in Microsoft Authenticator push notifications to fend off multi-factor authentication fatigue attacks. As previously announced, Microsoft will start enforcing number matching for Microsoft Authenticator MFA alerts to block MFA fatigue attack attempts across tenants beginning today.

Phishing-resistant MFA shapes the future of authentication forms
2023-04-28 03:30

The report revealed a significant increase in MFA deployment for customers, which jumped to 57% from 45%. "Not all MFA is equal, and even though businesses know legacy MFA tools are not effective to stay secure, we're seeing they're still using them as primary tools of defense," said Ronnie Manning, CMO, Yubico. "Now more than ever, education around the importance of phishing-resistant MFA is critical to officially move away from legacy MFA tools that are leaving thousands of businesses exposed to cyberattacks around the world," Manning continued.

Rilide browser extension steals MFA codes
2023-04-07 11:13

Cryptocurrency thieves are targeting users of Chromium-based browsers - Google Chrome, Microsoft Edge, Brave Browser, and Opera - with an extension that steals credentials and can grab multi-factor authentication codes. Dubbed Rilide by Trustwave researchers, the extension mimics the legitimate Google Drive extension while, in the background, it disables the Content Security Policy, collects system information, exfiltrates browsing history, takes screenshots, and injects malicious scripts.

Massive adversary-in-the-middle phishing campaign bypasses MFA and mimics Microsoft Office
2023-03-23 19:18

New research from Microsoft's Threat Intelligence team exposed the activities of a threat actor named DEV-1101, which started advertising for an open-source phishing kit to deploy an adversary-in-the-middle campaign. According to Microsoft, the threat actor described the kit as a phishing application with "Reverse-proxy capabilities, automated setup, detection evasion through an antibot database, management of phishing activity through Telegram bots, and a wide range of ready-made phishing pages mimicking services such as Microsoft Office or Outlook."

Outlook app to get built-in Microsoft 365 MFA on Android, iOS
2023-03-13 17:07

Microsoft will soon fast-track multi-factor authentication adoption for its Microsoft 365 cloud productivity platform by adding MFA capabilities to the Outlook email client. The company says in a new Microsoft 365 roadmap entry that users will be able to complete MFA requests for Microsoft 365 apps directly in the Outlook app via a new feature dubbed Authenticator Lite.

When Partial Protection is Zero Protection: The MFA Blind Spots No One Talks About
2023-03-10 12:56

Are you as protected as you should be? Maybe it's time for you to re-evaluate your MFA. As a follow-up, explore this eBook to learn more about Silverfort's Unified Identity Protection approach to MFA and gain insight into how to assess your existing protections and relative risk exposure. In the same manner, if attackers can move laterally in your environment by providing compromised credentials to command line access tools, it no longer matters that you have MFA protection for RDP and desktop login.

Unphishable mobile MFA through hardware keys
2023-01-30 15:07

Passwords are a mess, MFA can be more of a stopgap than a solution to phishing and running your own public key infrastructure for certificates is a lot of work. Ironically, if you're a security-aware organization in a regulated industry that already did the hard work of adopting the previous gold standard - smartcards that hold a security certificate and validate it against a certificate authority on your infrastructure - you might find yourself stuck running ADFS as you try to move to the new FIDO keys.

MFA Fatigue attacks are putting your organization at risk
2022-11-15 15:07

A common threat targeting businesses is MFA fatigue attacks-a technique where a cybercriminal attempts to gain access to a corporate network by bombarding a user with MFA prompts until they finally accept one. Using MFA Fatigue attacks, cybercriminals bombard their victims with repeated 2FA push notifications to trick them into authenticating their login attempts to increase their chances of gaining access to sensitive information.