- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
The Phishing Attack That Makes MFA Useless
Learn how device code phishing works and how to detect it: https://www.huntress.com/resources/what-is-device-code-phishing?utm_source=youtube&utm_medium=social
Security Operations Analyst Luke Wilkinson breaks down device code phishing. Attackers abuse a legitimate Microsoft authentication flow built for printers and smart TVs, trick users into completing a real MFA prompt, and walk away with a valid access token to your Microsoft 365 account (no password required). That token can stay valid for 90 days, giving attackers silent access to email, Teams, OneDrive, and SharePoint. The good news: it's detectable if you're watching the right signals in your identity layer.
🔍 Topics: device code phishing | Microsoft 365 | MFA bypass | OAuth token theft | identity threat detection | Huntress SOC | M365 security
———
We wreck hackers. Huntress is a purpose-built platform for organizations like yours, all backed and operated by our industry-proven, 24/7 AI-assisted SOC for continuous threat protection.
We are enterprise-grade cybersecurity for ALL businesses.
Learn more about how Huntress fights cyber threats: https://www.huntress.com/why-huntress?utm_source=youtube&utm_medium=social
Видео The Phishing Attack That Makes MFA Useless канала Huntress
Security Operations Analyst Luke Wilkinson breaks down device code phishing. Attackers abuse a legitimate Microsoft authentication flow built for printers and smart TVs, trick users into completing a real MFA prompt, and walk away with a valid access token to your Microsoft 365 account (no password required). That token can stay valid for 90 days, giving attackers silent access to email, Teams, OneDrive, and SharePoint. The good news: it's detectable if you're watching the right signals in your identity layer.
🔍 Topics: device code phishing | Microsoft 365 | MFA bypass | OAuth token theft | identity threat detection | Huntress SOC | M365 security
———
We wreck hackers. Huntress is a purpose-built platform for organizations like yours, all backed and operated by our industry-proven, 24/7 AI-assisted SOC for continuous threat protection.
We are enterprise-grade cybersecurity for ALL businesses.
Learn more about how Huntress fights cyber threats: https://www.huntress.com/why-huntress?utm_source=youtube&utm_medium=social
Видео The Phishing Attack That Makes MFA Useless канала Huntress
Комментарии отсутствуют
Информация о видео
Вчера, 1:26:01
00:03:13
Другие видео канала
The Identity Breach You Didn't Know You Had: Google Workspace
Identity Security Posture Management Research: Huntress' Approach | Product Lab
Threat Actors LOVE These Trends and Tactics | Tradecraft Tuesday
![We don't get fooled again [by MAC Defender]](https://i.ytimg.com/vi/ja5KiZBajsw/default.jpg)
We don't get fooled again [by MAC Defender]
The Importance of Crash Reports
How to create digestible, understandable, actionable cyber security content
Tradecraft Tuesday - Attacking MFA/2FA - October 2019
A Holiday Hacker Grab Bag of Azure M365 Treats
John Hammond's Top 3 Tips to #BeCyberSmart
Huntress EDR versus Privilege Escalation
ThreatOps Stories: Rogue ScreenConnect
What exactly is the Cyber Defense Matrix?
Formulating an Intelligence-Driven Threat Hunting Methodology
What Happens When Theres An Incident PT 01: The ThreatOps Process
Tradecraft Tuesday | Huntress CTF 2025
Product Lab | April 2025
RMMs & RATs are Command & Control
$500K for ‘Yukari’ — Then BreachForums Vanished | Tradecraft Tuesday
Major warning if you use free background remover websites
Back to basics...
Tradecraft Tuesday | Infostealers: A Crash Course
