All news with #multi-factor authentication tag

Axios Abuse and Salty 2FA Kits Fuel Direct Send Phishing

🔒 ReliaQuest reports threat actors increasingly abusing the HTTP client Axios alongside Microsoft's Direct Send to create a highly efficient phishing pipeline that intercepts and replays authentication flows. Campaigns beginning in July 2025 targeted executives in finance, healthcare, and manufacturing and expanded to all users, achieving up to a 70% success rate when pairing Axios with Direct Send. Attackers also use PDF lures with malicious QR codes, Google Firebase hosting, and advanced MFA-bypass kits such as Salty2FA to simulate multiple 2FA methods and steal credentials.

Secure-by-Default: Simple Defaults to Shrink Attack Surface

🔒 This article argues that adopting a security-by-default mindset—setting deny-by-default policies, enforcing MFA, and employing application Ringfencing™—can eliminate whole categories of risk early. Simple changes like disabling Office macros, removing local admin rights, and blocking outbound server traffic create a hardened environment attackers can’t easily penetrate. The author recommends pairing secure defaults with continuous patching and monitored EDR/MDR for comprehensive defense.