CSO Online

Stopping AiTM attacks: The defenses that actually work after authentication succeeds

AiTM attacks don't steal passwords; they copy the result of a real login. You need to watch what happens after the user logs in to catch a hijacked session.

Inside the REMUS Infostealer: Session Theft, MaaS, and Rapid Evolution

Stolen browser sessions and authentication tokens are becoming more valuable than stolen passwords. Flare explains how the ...
Dark Reading

Goodbye? Attackers Can Bypass 'Windows Hello' Strong Authentication

­Microsoft's Windows Hello for Business (WHfB) default phishing-resistant authentication model recently was found susceptible to downgrade attacks, allowing threat actors to crack into even ...