Yubico Keys: A robust, user-friendly, phishing-resistant solution to MFA. Protects against cyber threats, drives productivity, and minimizes costs.

I believe that it’s imperative that we promote positive digital identity controls especially with generative AI ability to muck it up as a result of being used with malicious intent. #cybersecurity #mfabombing

Recent ‘MFA Bombing’ Attacks Targeting Apple Users

https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/

#AppleRecoveryKey #ALittleSunshine #LatestWarnings #TheComingStorm #PeopleDataLabs #KishanBagaria #MFAbombing #MFAfatigue #ParthPatel #apple

My team just released a new MFA bombing testing tool. It can be used in purple & red team modes to execute MFA fatigue/spamming/bombing on #Okta users. After we'll add more IdPs
AFAIK it is the first MFA bombing tool for Okta.

Https://github.com/authomize/mfa-bombing

#mfa #mfabombing #purpleteam #blueteam #redteam #RedTeamBlues #toolbox #mfafatigue #purplet

With the ever increasing attacks on users, moving to #multifactorauthentication is a must in order to reduce the attack surface of just relying on a password to secure access to resources. Implementing #MFA that is enforced all the time relies on also having a good user experience, which gave rise to mobile authenticator apps since many users always have their phones with them. However it also gave rise to #mfabombing and griefing to get those users to approve. With the recent GA of #microsoftauthenticator #azuread orgs can enable number match and context for the push notification to further improve the #security of the users by avoiding the blind approval of a push notification.

🔥 See the post on the AzureAD blog here and go enable these settings for your organization https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/advanced-microsoft-authenticator-security-features-are-now/ba-p/2365673 #microsoft #office365 #o365 #cloudsecurity