Malicious hackers are targeting Office 365 users with a spare of ‘MFA fatigue attacks’, bombarding victims with 2FA push notifications to trick them into authenticating their login attempts.
Multi-factor authentication (MFA) fatigue is the name given to a technique used by adversaries to flood a user’s authentication app with push notifications in the hope they will accept and therefore enable an attacker to gain entry to an account or device.
It does require the attacker to have the victim’s credentials, which “could be obtained via brute forcing, password reuse, or spraying”.
“Once the attacker obtains valid credentials, they will perform the push notification spamming repeatedly until the user approves the login attempt and lets the attacker gain access to the account ================================================================== Use better security. Use Wave VSC 2.0 (MFA)!! ================================================================== http://www.wavesys.com/products/wave-virtual-smart-card ================================================================== http://www.wavesys.com/
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.