AiTM/ MFA phishing attacks in combination with new Microsoft protections (2023 edition)

Adversary-in-the-middle phishing attacks are still more common in use. Since the removal of basic authentication from Exchange Online more and more attackers are using more modern attacks like adversary-in-the-middle phishing, cookie theft, and other used attacks. Last year I blogged about several modern

Bluepurple Pulse: week ending July 9th - by Ollie

AiTM Phishing Attack Chain Exploiting G-Suite Products

AiTM phishing campaign also targets G Suite users

What is an Adversary-In-The-Middle (AiTM) Phishing Attack? - 1Kosmos

AiTM/ MFA phishing attacks in combination with new Microsoft protections (2023 edition)

Detecting and mitigating a multi-stage AiTM phishing and BEC campaign

phishing Archives - Security Affairs

Protecting Enterprises Against Phishing and Business Email Compromise (BEC) Attacks - Spiceworks

Microsoft Warns of Adversary-in-the-Middle Uptick on Phishing Platform - Infosecurity Magazine

Microsoft Warns of Increased AiTM Phishing Attacks

Microsoft Details Phishing Campaign Targeting Over 10,000 Organizations

AiTM Phishing Attacks: Stolen Session Cookie Creates Havoc in Financial Organizations

Microsoft: Phishing bypassed MFA in attacks against 10,000 orgs

Memo 22-09 multifactor authentication requirements overview - Microsoft Entra