In MFA We Trust… Think Again. | Infoblox
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 9d6537c2-0aa1-4e65-9794-c34ec3086127 |
| Fingerprint | b60181d00822e4e5 |
| Analysis status | DONE |
| Considered CTI value | 1 |
| Text language | |
| Published | Oct. 17, 2023, 1 p.m. |
| Added to db | Nov. 19, 2023, 6 a.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | Click Here to Talk to an Attacker: How Bad Guys are Undermining Trust in Multi-factor Authentication (MFA) |
| Title | In MFA We Trust… Think Again. | Infoblox |
| Detected Hints/Tags/Attributes | 70/2/35 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 61 | ✔ | Infoblox Blog | https://blogs.infoblox.com/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | retool.okta.com.oauthv2.app |
|
| Details | Domain | 2 | oauthv2.app |
|
| Details | Domain | 1 | oauthv2.com |
|
| Details | Domain | 1 | sso-analytics.com |
|
| Details | Domain | 1 | validation129.app |
|
| Details | Domain | 1 | approval23.co |
|
| Details | Domain | 1 | validating-hardware.app |
|
| Details | Domain | 1 | rbfver0y1.com |
|
| Details | Domain | 1 | purpleid.okta.approval23.co |
|
| Details | Domain | 2 | com-2fa.support |
|
| Details | Domain | 1 | reset-2fa.com |
|
| Details | Domain | 2 | com-reset.help |
|
| Details | Domain | 1 | coinbase.com-2fa.support |
|
| Details | Domain | 1 | samtanfe-verify.click |
|
| Details | Domain | 1 | 2fa-portal-nsandi.com |
|
| Details | Domain | 1 | scotiasecureinfo-verify.services |
|
| Details | Domain | 1 | verify-wick.xyz |
|
| Details | Domain | 2 | coinbase-live.support |
|
| Details | Domain | 1 | smart-core.fr |
|
| Details | Domain | 469 | www.cisa.gov |
|
| Details | Domain | 2 | www.cio.gov |
|
| Details | Domain | 9 | www.cybersecuritydive.com |
|
| Details | Domain | 182 | www.mandiant.com |
|
| Details | Domain | 154 | urlscan.io |
|
| Details | File | 10 | blogs.inf |
|
| Details | Mandiant Uncategorized Groups | 111 | UNC3944 |
|
| Details | Url | 1 | https://retool.okta.com.oauthv2.app/authorize-client/xxx |
|
| Details | Url | 1 | https://www.cisa.gov/mfa |
|
| Details | Url | 1 | https://www.cio.gov/2022-10-26-importance-multifactor-authentication |
|
| Details | Url | 1 | https://www.cybersecuritydive.com/news/lastpass-cyberattack-timeline/643958 |
|
| Details | Url | 1 | https://blogs.infoblox.com/security/recent-sms-phishing-attacks-reveal-the-dangers-of-mfa-lookalike-domains |
|
| Details | Url | 4 | https://www.mandiant.com/resources/blog/unc3944-sms-phishing-sim-swapping-ransomware |
|
| Details | Url | 1 | https://urlscan.io/result/31210cf7-3a52-4d1e-8bf0-57488c1c274a |
|
| Details | Url | 1 | https://urlscan.io/result/76cb9223-0293-4a48-9202-eccd760ecbb7 |
|
| Details | Url | 1 | https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/dont-dial-that-number-distribution-of-phishing-lookalikes-through-fake-support-calls |