What is the issue?
The US Federal Bureau of Investigation (FBI) has issued a security advisory to private industry partners about the increasing threat of attacks against organizations and their employees that can bypass multi-factor authentication (MFA) solutions.
The big picture
The FBI wrote in a Private Industry Notification (PIN) sent out to industry partners that attackers are using social engineering and technical attacks to bypass multifactor authentication.
The agency noted that this notification should be taken only as a precaution and that the FBI still recommends companies to use multi-factor authentication.
“Multi-factor authentication continues to be a strong and effective security measure to protect online accounts, as long as users take precautions to ensure they do not fall victim to these attacks,” the FBI said, ZDNet reported.
Some of the prominent MFA bypass attacks
The PIN notification also highlighted some of the prominent MFA bypass attacks, which include: