device code phishing
Coverage of device code phishing in the Nexus archive.
- Webinar: How attackers bypass MFA and how defenders can respond
Modern phishing attacks, including Device Code phishing, can bypass MFA protections to access corporate accounts without stealing passwords. The webinar discusses how behavioral AI can help detect compromised accounts and automate response workflows.
- FBI-Flagged Phishing Kit Kali365 Expands Its Reach
The FBI-flagged phishing kit Kali365, previously targeting Microsoft 365, now expands to AWS, Okta, and Russian platforms using device code phishing. This marks an increase in the platform's scope and threat level.
- Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing
Attackers are exploiting device code phishing by leveraging a service's legitimate new-device login flow to trick victims into granting account access. This method bypasses traditional two-factor authentication (2FA) by mimicking authorized login processes.