None of the articles seem to include mitigating the attacks or specific settings to check to ensure protection against MITM attacks. Are there any mitigations out there? Does it target only MS MFA or Duo as well? Any policy settings we should double check?