Skip to content
The Nexus
DossierENTITY

Multi-Factor Authentication (MFA)

Coverage of Multi-Factor Authentication (MFA) in the Nexus archive.

Earliest in view: Apr 9 · 14:02 UTCMost recent: May 25 · 12:45 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 25 · 12:45 UTCBLEEPING COMPUTER
    FBI warns of Kali365 phishing service targeting Microsoft 365 accounts

    The FBI has issued a warning about the Kali365 phishing-as-a-service platform, which exploits OAuth device code authentication to hijack Microsoft 365 accounts. The service steals session tokens and bypasses multi-factor authentication (MFA), posing a significant cybersecurity threat.

  • SECURITYApr 13 · 14:05 UTCBLEEPING COMPUTER
    The silent “Storm”: New infostealer hijacks sessions, decrypts server-side

    A new infostealer named 'Storm' bypasses local decryption by transmitting browser data to attacker servers. Varonis demonstrates how server-side decryption enables session hijacking, circumventing passwords and multi-factor authentication (MFA).

  • SECURITYApr 9 · 14:02 UTCBLEEPING COMPUTER
    When attackers already have the keys, MFA is just another door to open

    The article discusses how stolen credentials can bypass Multi-Factor Authentication (MFA), turning authentication systems into an attack surface. A wearable biometric authentication token is presented as a solution to verify users rather than sessions, blocking phishing relays and MFA bypass attempts.

Multi-Factor Authentication (MFA) · Dossier · The Nexus