AiTM Phishing Attacks: Keeping Up with Attacker TTPs
Attackers are turning up the heat with advanced TTPs like Adversary-in-the-Middle (AiTM) phishing attacks to steal session cookies and bypass MFA security.
Adversary-in-the-Middle (AiTM) is a phishing technique that lets attackers hijack a user’s sign-in session, intercept the user’s password and session cookie, and then authenticate to a session on the user’s behalf. Once the attackers have captured the user’s credentials and session cookies, they move to the next phase of the attack: accessing the compromised users’ mailboxes to launch BEC campaigns against other targets.
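One way to hunt for the session-cookie reuse described above, as an added example that is not part of the original article: it flags a session identifier that appears from a different IP address and user agent than the client that first held it, and lists the mailbox actions taken from that second client. The log schema, action names and sample events are constructed assumptions, not the format of any particular identity provider.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real logs). Assumed fields:
# timestamp, user, session id, source IP, user agent, action.
EVENTS = [
    ("2024-05-01T09:00:00", "alice", "sess-A1", "203.0.113.10", "Chrome/124 Windows", "signin_mfa_ok"),
    ("2024-05-01T09:02:00", "alice", "sess-A1", "203.0.113.10", "Chrome/124 Windows", "mail_read"),
    ("2024-05-01T09:05:00", "alice", "sess-A1", "198.51.100.77", "Firefox/115 Linux", "mail_read"),
    ("2024-05-01T09:06:00", "alice", "sess-A1", "198.51.100.77", "Firefox/115 Linux", "mail_send"),
    ("2024-05-01T10:00:00", "bob", "sess-B7", "192.0.2.44", "Safari/17 macOS", "signin_mfa_ok"),
    ("2024-05-01T10:30:00", "bob", "sess-B7", "192.0.2.44", "Safari/17 macOS", "mail_read"),
    # Roaming user: the IP changes but the user agent does not, so no finding.
    ("2024-05-01T11:00:00", "carol", "sess-C3", "192.0.2.90", "Edge/124 Windows", "signin_mfa_ok"),
    ("2024-05-01T11:20:00", "carol", "sess-C3", "192.0.2.91", "Edge/124 Windows", "mail_read"),
]


def find_replayed_sessions(events, window=timedelta(hours=1)):
    """Return one finding per session reused from a second, different client."""
    by_session = defaultdict(list)
    for ts, user, sid, ip, ua, action in events:
        by_session[sid].append((datetime.fromisoformat(ts), user, ip, ua, action))

    findings = []
    for sid, rows in by_session.items():
        rows.sort()  # logs may arrive out of order
        t0, user, ip0, ua0, _ = rows[0]  # client that first held the session
        # Require BOTH IP and user agent to differ, to cut noise from roaming users.
        foreign = [r for r in rows[1:]
                   if r[2] != ip0 and r[3] != ua0 and r[0] - t0 <= window]
        if foreign:
            findings.append({
                "user": user,
                "session": sid,
                "origin": (ip0, ua0),
                "replayed_from": (foreign[0][2], foreign[0][3]),
                "first_seen": foreign[0][0].isoformat(),
                "mailbox_actions": [r[4] for r in foreign if r[4].startswith("mail_")],
            })
    return findings


if __name__ == "__main__":
    for finding in find_replayed_sessions(EVENTS):
        print(finding)
```

This is a heuristic: the time window and the "both IP and user agent differ" rule are tuning choices to adjust for the environment.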