"Hackers Bypassing Some Types of 2FA Security FBI Warns"
It has been discovered by the FBI that some types of two-factor authentication (2FA) security can no longer be guaranteed to keep adversaries out. Their are several methods cyber actors use to circumvent popular multi-factor authentication techniques in order to obtain the one-time passcode and access protected accounts. The most common bypass method is SIM swap fraud, in which the attacker convinces a mobile network (or bribes an employee) to port a target’s mobile number, allowing them to receive 2FA security codes sent via SMS text. Using any form of 2FA is still better than relying on a password and username on its own even with some being vulnerable. If one wants to have the strongest possible 2FA security, one will probably have to consider using FIDO2 hardware tokens, a technology that has yet to be undermined by hackers in real-world attacks.
Naked Security reports: "Hackers Bypassing Some Types of 2FA Security FBI Warns"