This big phish can swim around MFA, says Microsoft Security

Slippery AiTM attacks targeted more than 10,000 orgs over the past nine months

A widespread phishing campaign that has hit more than 10,000 organizations since September 2021 uses adversary-in-the-middle (AiTM) proxy sites to get around multifactor authentication (MFA) features and steal credentials that are then used to compromise business email accounts.…