‘ONNX’ MFA Bypass Targets Microsoft 365 Accounts
June 19, 2024 at 01:29PM A phishing-as-a-service operation is targeting financial firms using advanced tactics such as 2FA bypass, QR codes, and typosquatting to compromise Microsoft 365 accounts. The origin of the campaign was traced to a platform called ONNX Store, which operates through Telegram bots. Countermeasures include blocking unverified PDF and HTML attachments, implementing … Read more