AiTM/ MFA phishing attacks in combination with new Microsoft protections (2023 edition)

Adversary-in-the-middle phishing attacks are still more common in use. Since the removal of basic authentication from Exchange Online more and more attackers are using more modern attacks like adversary-in-the-middle phishing, cookie theft, and other used attacks. Last year I blogged about several modern

Pawel Partyka (@Pawp81) / X

All Attacks Are Hybrid Attacks–And What To Do About It by Vectra

Detecting and mitigating a multi-stage AiTM phishing and BEC campaign

Microsoft Warns of Adversary-in-the-Middle Uptick on Phishing Platform - Infosecurity Magazine

New and more sophisticated phishing techniques leverage a variety of malicious tactics - SiliconANGLE

Netskope Threat Coverage: Microsoft Discloses New Adversary-in-the-Middle ( AiTM) Phishing Attack - Netskope

Microsoft accounts targeted with new MFA-bypassing phishing kit

AiTM phishing attacks: What to do when MFA is not enough

Hackers use AiTM attack to monitor Microsoft 365 accounts for BEC scams

Hackers target financial giants via AiTM phishing and BEC attacks