Microsoft warns of massive phishing campaign that can bypass MFA - Siliconrepublic.com

Microsoft said the attackers use a fake website to steal a session cookie, letting them skip authentication safeguards and access emails.

Microsoft said more than 10,000 organisations have been targeted by the campaign, which uses a fake website to steal credentials and session cookies, letting an attacker skip authentication safeguard… [+2825 chars]

full article...