When MFA fails, defense in depth is key

2022-04-07 07:45

As in the Coinbase incident, many MFA bypass attacks begin with a phishing attack.

Organizations use MFA to protect users against these attacks.

In practice, attackers have found many ways around MFA. One of them is to gather the MFA details during the phishing process.

Evilgenix is just one tool used to automate phishing and MFA bypass attacks.

The MFA system's default configuration allowed the attackers to enroll their own device for the MFA service, giving them access to the NGO's network.

If you're looking for specific, known signs of intrusion then an attacker that has successfully used MFA and keeps their head down will be difficult to spot.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/04/07/mfa_defense_in_depth/

#defense #MFA