The Death of Conventional MFA: How AiTM Attacks Are Changing the Game

Posted on in Presentations

Over the past year, researchers observed a sharp increase in usage of AiTM phishing attacks in-the-wild, which are capable of bypassing MFA methods oft used in enterprises. Some of the notable recent enterprise breaches started with an MFA abuse. This session will discuss the availability of phishing-as-a-service providers on underground forums, which has made advanced attacks accessible to threat actors.

Deepen Desai


Chief Security Officer, Zscaler

Sudeep Singh


Senior Manager, APT Research, Zscaler

Share With Your Community