MFA: Not All it's Cracked Up to Be

preview_player
Показать описание
Speaker: Anna Quinn

Abstract: Multi-Factor Authentication is an important facet in any organization's security program, however some common misconfigurations can allow attackers to bypass MFA entirely. In this session, we will cover some common MFA bypass methods against portals for O365 and AWS, as well as services such as Github and GitLab. In doing so we will discover how attackers leverage discovered resources and misconfigurations during a compromise to access sensitive services protected by MFA.

Talk Track: Security Operations
Рекомендации по теме