this post was submitted on 07 Apr 2026
16 points (100.0% liked)

Pulse of Truth


Who needs MFA when you've got EvilTokens? Hundreds of organizations have been compromised daily by a Microsoft device-code phishing campaign that uses AI and automation at nearly every stage of the attack chain to ultimately snoop through corporate email inboxes and steal financial data.…

[–] paraphrand@lemmy.world 3 points 1 month ago (1 children)

A few times a year I get a wave of false 2 factor requests for Microsoft accounts. It’ll be persistent for a few days or a week, and then stop.

[–] doughless@lemmy.world 2 points 1 month ago

This has been happening to me the past few weeks, so I tried turning off app notification sign-in, and the attacker switched to entering passwords until it locked my account.

The only way to unlock it is to reset the password, and MS won't let me keep my old one ... why can't I use the old one again, especially if I recently changed it already?! The attackers clearly don't know it, but now they can make me go through the effort of setting a new password every day until I enabled app notification login again.

And then they just switched back to MFA phishing again. The attacker has even stopped bothering making the login request look like it's coming from the same country I live in.