AiTM/ MFA phishing attacks in combination with new Microsoft protections (2023 edition)

Adversary-in-the-middle phishing attacks are still more common in use. Since the removal of basic authentication from Exchange Online more and more attackers are using more modern attacks like adversary-in-the-middle phishing, cookie theft, and other used attacks. Last year I blogged about several modern

AiTM Phishing Attack Chain Exploiting G-Suite Products

Detection Engineering Weekly #31 - MOVEit, get out the way

What is an Adversary-In-The-Middle (AiTM) Phishing Attack? - 1Kosmos

New phishing and business email compromise campaigns increase in complexity, bypass MFA

Advanced BEC Scam Campaign Targeting Executives on O365

Advanced BEC Scam Campaign Targeting Executives on O365

AiTM/ MFA phishing attacks in combination with new Microsoft protections (2023 edition)

From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

What Is An Adversary-in-The-Middle Attack (AiTM)?

Detecting and mitigating a multi-stage AiTM phishing and BEC campaign

phishing Archives - Security Affairs

How to use Microsoft Entra, Internet Access to prevent AiTM attack(s), by Derk van der Woude

AiTM/ MFA phishing attacks in combination with new Microsoft protections (2023 edition)

EvilProxy Exploits indeed.coms Open Redirect for Microsoft 365 Phishing

Phishing attacks bypassing MFA - Michigan SBDC