Proofpoint researchers have uncovered a novel technique allowing threat actors to bypass FIDO-based authentication through downgrade attacks, leveraging a custom phishlet within adversary-in-the-middle (AiTM) frameworks. This method exploits gaps in browser compatibility and user agent handling, forcing victims to revert to less secure multi-factor authentication (MFA) mechanisms, thereby enabling credential theft and session hijacking. While […]

The post Hackers Deploy Dedicated Phishlet for FIDO Authentication Downgrade Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Source: gbHackers
Source Link: https://gbhackers.com/hackers-deploy-dedicated-phishlet/