New AiTM Attack Campaign That Bypasses MFA Targeting Microsoft 365 and Okta Users - CyberSecurityNews
New AiTM Attack Campaign Bypasses MFA to Target Microsoft 365 and Okta Users A new Adversary-in-the-Middle (AiTM) attack campaign has emerged that successfully bypasses multi-factor authentication (MFA) protections targeting Microsoft 365 and Okta users. These sophisticated attacks intercept authentication flows between users and cloud services, allowing attackers to capture credentials and session tokens despite MFA being enabled. The campaign represents a significant threat to enterprise security as it demonstrates how attackers can circumvent traditional MFA defenses through proxy-based interception techniques. Organizations using these platforms are advised to implement additional security measures beyond standard MFA, including conditional access policies and anomalous login detection.
Key Takeaways
- arrow_right_alt AiTM attacks successfully intercept and bypass MFA protections on Microsoft 365 and Okta platforms
- arrow_right_alt Attackers capture credentials and session tokens through proxy-based interception of authentication flows
- arrow_right_alt The campaign highlights vulnerabilities in traditional MFA implementations against sophisticated threat actors
- arrow_right_alt Organizations should implement conditional access policies and anomalous login detection as additional security layers