Tag

Mfa Fatigue

All articles tagged with #mfa fatigue

technology1 year ago•4 min saved

"Apple Users Beware: MFA Bombing Attack Prompts Endless Password Resets"

Attackers are targeting iPhone users with "MFA fatigue" attacks, bombarding devices with endless password reset prompts and even spoofed calls from "Apple support." This technique, also known as MFA prompt bombing, aims to overwhelm users with multifactor authentication requests, making it difficult to distinguish legitimate prompts from fake ones. Apple's password-reset scheme is vulnerable to these attacks, and experts recommend implementing rate limiting and FIDO-compliant MFA to mitigate the risk. Users are advised to be cautious of unsolicited calls and report suspicious activity to authorities.

via Ars Technica|

#apple #cybersecurity #icloud-phishing

cybersecurity2 years ago•4 min saved

Microsoft's Authenticator now uses number matching to combat MFA fatigue attacks.

Microsoft is introducing a number-matching feature in its Authenticator app to combat MFA fatigue, a social engineering tactic that overwhelms users with push notifications asking for login approval. The feature adds a one-time code element to the push notification approach, requiring users to enter another number to complete the login process. The number matching feature will be automatically enabled for all push notifications in Authenticator, and users will not be able to opt out of the feature. The change will be deployed starting this week.

via The Register|

#cybersecurity #mfa-fatigue #microsoft