[Krebs on Security] Recent 'MFA Bombing' Attacks Targeting Apple Users

Krebs on Security has posted a new item. Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple's password reset feature. In this scenario, a target's Apple devices are forced to display dozens of system-level prompts that prevent the devices from being used until the recipient responds "Allow" or "Don't Allow" to each prompt. Assuming the user manages not to fat-finger the wrong button on the umpteenth password reset request, the scammers will then call the victim while spoofing Apple support in the caller ID, saying the user's account is under attack and that Apple support needs to "verify" a one-time code. Please use the link above to continue reading this posting. * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * The Security Leaders Handbook: The Strategic Guide to Cloud Security As organizations continue to adopt more cloud technologies, security teams are left grappling with how to protect their apps and data in the cloud. The Security Leaders Handbook from Wiz helps answer the biggest questions when it comes to securing everything you build and run in the cloud. In this guide you’ll learn: - Practical steps to achieve cloud security maturity - Best practices to extend the reach of your security team - How to transform processes to scale for cloud adoption - Ways to ensure secure code development Download now: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * You received this e-mail because you asked to be notified when new updates are posted. Best regards, BrianKrebs P.S. You may manage your subscription here: