Threat actors downgrade FIDO2 MFA auth in PoisonSeed phishing attack

A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals. [...]

https://www.bleepingcomputer.com/news/security/threat-actors-downgrade-fido2-mfa-auth-in-poisonseed-phishing-attack/

Posted from: this blog via Microsoft Power Automate.

Comments

Popular posts from this blog