Email security, Social engineering

Phishing 2FA Tokens with CredSniper – Tradecraft Security Weekly #25

April 18, 2018

Organizations are implementing two-factor on more and more web services. The traditional methods for phishing credentials is no longer good enough to gain access to user accounts if 2FA is setup. In this episode Mike Felch (@ustayready) and Beau Bullock (@dafthack) demonstrate a tool that Mike wrote called CredSniper that assists in cloning portals for harvesting two-factor tokens. Links: CredSniper

[audio src="http://traffic.libsyn.com/tswaudio/Phishing_2FA_Tokens_with_CredSniper_-_Tradecraft_Security_Weekly_25_converted.mp3" ]
prestitial ad