FILTERING BY: CLEAR FILTER

Kali365 Phishing Kit: MFA Bypass Targeting Microsoft 365, AWS, and Okta

The FBI has issued a critical alert regarding the Kali365 phishing kit, a sophisticated tool designed to compromise enterprise cloud environments. Utilizing Adversary-in-the-Middle (AiTM) techniques, the kit intercepts authentication traffic to harvest credentials and steal active session tokens, effectively bypassing multi-factor authentication (MFA) protocols. The campaign specifically targets Microsoft 365 (Outlook, Teams, OneDrive), Amazon Web Services (AWS), and Okta identity providers. Successful exploitation grants threat actors deep access to corporate communications and critical cloud infrastructure, enabling large-scale data exfiltration and the compromise of organizational identity management systems.


LINK COPIED TO CLIPBOARD