Researchers at Push Security have discovered a new phishing campaign that targets Microsoft 365 (M365) systems and uses Active Directory Federation Services (ADFS) to enable credential theft. This attack vector exploits Microsoft’s authentication redirect mechanisms, effectively turning a legitimate service into a conduit for phishing operations. Sophisticated Phishing Infrastructure The campaign begins with malvertising lures […] The post New Campaign Uses Active Directory Federation Services to Steal M365 Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/new-campaign-uses-active-directory-federation-services/
