Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign
Threat actors with suspected ties to Russia have been observed taking advantage of a Google account feature called application specific passwords or app passwords as part of a novel social engineering tactic designed to gain access to victims' emails. Details of the highly targeted campaign were...