Multifactor Authentication (MFA)

A new report from LevelBlue’s SpiderLabs team warns that threat actors are increasingly using voice phishing, or vishing, to manipulate Okta authentication processes, including MFA resets and new-device enrollment. Rather than relying only on malicious…

A recently discovered botnet consisting of more than 130,000 compromised devices is now targeting Microsoft 365 accounts with advanced password-spraying tactics capable of evading traditional detection methods. Password-spraying is a brute-force cyber-attack where hackers try…

A recent wave of cyberespionage has exposed the vulnerabilities of U.S. telecommunications networks. Dubbed "Salt Typhoon" by Microsoft, this campaign, attributed to Chinese hackers, infiltrated at least eight major telecommunications companies, including AT&T and Verizon.…

Phishing-as-a-service (PhaaS) has turned phishing from a niche skill into a scalable, accessible business model. Rockstar 2FA, a new entrant in this market, takes things further by employing adversary-in-the-middle (AiTM) techniques to bypass multi-factor authentication…