Resecurity has identified a new underground service that allows cybercriminals to bypass 2FA authentication (MFA) authentication mechanisms on a large scale without the need to hack upstream services or the supply chain. EvilProxy actors are using Reverse Proxy and Cookie Injection methods to bypass 2FA authentication – proxyfying victim’s session
INDUSTRIES: E-Commerce, Financial
ATT&CK IDS: T1090 - Proxy, T1125 - Video Capture, T1566 - Phishing, T1040 - Network Sniffing
Read More:
Comments