Abuse Melding

Je hebt een klacht over de onderstaande posting:

08-10-2024, 23:56 door Erik van Straten

@Anoniem 17:31: ik ben het ermee eens dat security niet de enige overweging is, maar wel één die steeds meer problemen oplevert. Bijvoorbeeld uit [1] (bron, en minder technisch: [2]): Mamba 2FA: A new contender in the AiTM phishing ecosystem Discover Mamba 2FA, a previously unknown adversary-in-the-middle (AiTM) phishing kit, sold as phishing-as-a-service (PhaaS). October 7 2024, by Grégoire Clermont and Sekoia TDR [...] Capabilities of the Mamba 2FA phishing platform The Mamba 2FA phishing platform features similar capabilities to the other popular AiTM phishing-as-a-service offerings of the cybercrime ecosystem: • It handles two-step verifications for non-phishing-resistant MFA methods such as one-time codes and app notifications; • It supports Entra ID, AD FS, third-party SSO providers, and consumer Microsoft accounts; • For enterprise accounts, it dynamically reflects the organisation’s custom login page branding (logo, background image); • The stolen credentials and cookies are ...

Beschrijf je klacht (Optioneel):

captcha