Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
Adversary-in-the-Middle AiTM uses reverse-proxy phishing to steal session cookies and bypass MFA; FIDO2 passkeys are a key defense.
Adversary-in-the-Middle AiTM Definition: Adversary-in-the-Middle AiTM uses reverse-proxy phishing to steal session cookies and bypass MFA; FIDO2 passkeys are a key defense.
Adversary-in-the-Middle AiTM is an interception attack in which an attacker relays communications between a victim and a legitimate service to capture credentials and session data, often using a reverse-proxy phishing kit. By proxying the real login page in real time, AiTM attacks steal authenticated session cookies, allowing the attacker to bypass many forms of multi-factor authentication. Defenses include phishing-resistant authentication such as FIDO2 passkeys, conditional access, and token-binding controls.
Turn knowledge into credentials with our instructor-led cybersecurity boot camps.
View All Courses →