PoisonSeed Threat Actor Uses Cross-Device Login Feature and QR Code to Trick Users. Expel researchers have found a novel adversary-in-the-middle phishing technique used by PoisonSeed, a cybercrime group previously tied to large-scale cryptocurrency thefts, to sidestep one of the most secure forms of multifactor authentication – FIDO2 physical keys.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/hackers-exploit-fido-mfa-novel-phishing-technique-a-29016
