Mandiant says a wave of recent ShinyHunters SaaS data-theft
attacks is being fueled by targeted voice phishing (vishing)
attacks and company-branded phishing sites that steal single
sign-on (SSO) credentials and multi-factor authentication (MFA)
codes. [...]
