Device code phishing enabled hackers to bypass multifactor authentication without credentials.
Related Articles
All CyberSecurityDive →
Newly observed malware campaign likely combines AI and ClickFix
Using the techniques in tandem helps hackers evade detection, a security firm said. Source link
Global law-enforcement operation targets infostealer malware
Listen to the article 2 min This audio is auto-generated. Please let us know if you have feedback. An international law enforcement operation has dismantled…
CISA will shutter some missions to prioritize others
The Cybersecurity and Infrastructure Security Agency is preparing employees for a reorganization that will reduce the depleted agency’s focus on certain missions in order to…
Shadow AI is widespread — and executives use it the most
Listen to the article 3 min This audio is auto-generated. Please let us know if you have feedback. Dive Brief: More than 80% of workers,…
CISOs grow more concerned about risk of material cyberattack
Chief information security officers are increasingly concerned about the risk of a cyberattack, and a growing number say they have experienced a material loss of…
State-linked and criminal hackers use device code phishing against M365 users
Multiple threat groups have been ramping up attacks using a technique called device code phishing to trick users into granting access to their Microsoft 365…