By John E. Dunn Forget vanilla phishing attacks – cybercriminals today have much more interesting tricks up their sleeves. MFA Fatigue Attacks When push notification via smartphone first appeared, it looked as if the industry had finally found a type of MFA that was both easy to use while being more secure than rivals such as SMS one-time passwords (OTPs). Recently, attackers have dented this reputation with a series of simple MFA fatigue attacks. After using stolen credentials, these bombard users with repeat push notifications in the hope a few will agree to make the barrage stop. Several large companies…
This article has been indexed from (ISC)² Blog
Read the original article: