TiliBrief
S&P5,572.85 +0.8% NASDAQ18,352.76 +1.2% DOW39,375.87 +0.5%
Cyber

Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access

Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access

A threat actor has been targeting organizations spanning multiple sectors with voice-based fake security requests that prompt Microsoft 365 users to enroll a new Entra passkey with an aim to carry out data extortion attacks. The threat actor, tracked by Okta under the moniker O-UNC-066, has deployed a panel-controlled phishing kit that's capable of targeting the passkey enrollment process. The

Read full article on The Hacker News →