TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

DarkOwl

What is Push Bombing?

DarkOwl Content Team · 2026-04-23 · Read original ↗

ATT&CK techniques detected

9 predictions
T1621Multi-Factor Authentication Request Generation
96%
"factor authentication ( mfa ) has long been considered a cornerstone of modern cybersecurity. by requiring users to verify their identity through an additional factor — like a push notification to a mobile device — organizations have significantly reduced the risk of account comp…"
T1621Multi-Factor Authentication Request Generation
95%
"what is push bombing? april 23, 2026 cybersecurity might as well have its own language. there are so many acronyms, terms, sayings that cybersecurity professionals and threat actors both use that unless you are deeply knowledgeable, have experience in the security field or have a…"
T1621Multi-Factor Authentication Request Generation
94%
"phishing - resistant mfa. not all mfa is equal. sms codes and push prompts can be bypassed ( push fatigue, sim swaps ). where available, use fido2 keys, webauthn, and passkeys, particularly for privileged and external - facing accounts for phishing - resistant authentication. nev…"
T1621Multi-Factor Authentication Request Generation
53%
", a threat actor associated with the lapsus $ group gained access to uber ’ s internal systems. after obtaining a contractor ’ s password, the attacker sent a barrage of mfa requests. when the contractor initially ignored them, the attacker contacted them on whatsapp, pretending …"
T1556.006Multi-Factor Authentication
49%
"factor authentication ( mfa ) has long been considered a cornerstone of modern cybersecurity. by requiring users to verify their identity through an additional factor — like a push notification to a mobile device — organizations have significantly reduced the risk of account comp…"
T1556.006Multi-Factor Authentication
43%
"phishing - resistant mfa. not all mfa is equal. sms codes and push prompts can be bypassed ( push fatigue, sim swaps ). where available, use fido2 keys, webauthn, and passkeys, particularly for privileged and external - facing accounts for phishing - resistant authentication. nev…"
T1556.006Multi-Factor Authentication
38%
"what is push bombing? april 23, 2026 cybersecurity might as well have its own language. there are so many acronyms, terms, sayings that cybersecurity professionals and threat actors both use that unless you are deeply knowledgeable, have experience in the security field or have a…"
T1598.004Spearphishing Voice
34%
", a threat actor associated with the lapsus $ group gained access to uber ’ s internal systems. after obtaining a contractor ’ s password, the attacker sent a barrage of mfa requests. when the contractor initially ignored them, the attacker contacted them on whatsapp, pretending …"
T1111Multi-Factor Authentication Interception
31%
"factor authentication ( mfa ) has long been considered a cornerstone of modern cybersecurity. by requiring users to verify their identity through an additional factor — like a push notification to a mobile device — organizations have significantly reduced the risk of account comp…"

Summary

In this blog series, we explain and simplify some of the most commonly used terms in cybersecurity. In this edition, we dive into push bombing.

The post What is Push Bombing? appeared first on DarkOwl, LLC.