Skip to content
Tech News
← Back to articles

Webinar: How attackers bypass MFA and how defenders can respond

2026-06-19 | original
read original more articles
Why This Matters

This webinar highlights the evolving tactics of cyber attackers who bypass traditional MFA protections by exploiting legitimate authentication workflows, emphasizing the need for advanced behavioral AI solutions. For the tech industry and consumers, understanding these methods is crucial to strengthening security measures and preventing costly breaches. It underscores the importance of adopting proactive, automated detection strategies to stay ahead of sophisticated threats.

Key Takeaways

Many organizations view multi-factor authentication as one of their strongest defenses against account compromise. However, attackers increasingly use phishing techniques that don't require stealing passwords or bypassing MFA at all.

On July 8, 2026, BleepingComputer will host a live webinar titled "Stop chasing alerts: Automating email security with behavioral AI" presented by Dan Nickolaisen, Solutions Architect Manager at Abnormal AI, and Eric Danneker, Director of Cyber Vigilance and Defense at Novant Health.

The webinar will examine how modern phishing campaigns, business email compromise (BEC), and account takeover (ATO) attacks exploit trusted services and authentication workflows to gain access to corporate accounts.

One technique receiving growing attention is Device Code phishing, where attackers trick users into authorizing access through legitimate Microsoft authentication pages. Because users complete a real login and MFA challenge, attackers can obtain persistent access without ever stealing credentials.

This shift presents a challenge for security teams. Traditional email defenses, credential monitoring, and MFA protections may not detect these attacks, leaving analysts to investigate suspicious activity only after an account has already been compromised.

Abnormal AI uses behavioral AI to identify unusual account activity, suspicious communications, and attack patterns that conventional security controls may miss.

Attendees will learn practical approaches for detecting account compromise earlier, reducing investigation workloads, and improving response times through automation and behavioral analysis.

Why MFA isn't stopping every account takeover

Many phishing attacks still focus on stealing passwords, but increasingly attackers are targeting authentication workflows themselves.

By abusing legitimate authorization processes, attackers can obtain access tokens that grant ongoing access to email, cloud applications, and corporate resources without triggering many traditional security controls.

... continue reading

Explore topics: mfa phishing abnormala microsoft accounttakeover
Related:
Is That Call, Text or Email Real? Here’s How to Identify Scams
Microsoft: June 2026 Windows updates break Recycle Bin prompts
Older Macs and iPhones Could Lose Major Office 365 Features in a Few Weeks
Microsoft discovers new lightweight backdoor that steals cryptocurrency
Can ‘Applied Creativity’ be the next ‘Design Thinking?’

© 2026 GoKawiil

About | Editorial Policy | Contact