all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Best remediation steps for MFA session hijacking attacks?

Add to bookmarks
March 26, 2023, 2:02 a.m. | /u/dnvrnugg

cybersecurity www.reddit.com

With the rise of pass-the-cookie / AiTM attacks to bypass MFA, I’m looking into best practices for defense against these attacks, but also remediation steps to add to our incident response plan when (not if) it happens in our tenant.

For security controls, Azure Identity Protection risk policies paired with Conditional Access session controls is already in place. Blocking access on unmanaged devices as well.

Alert monitoring in Defender 365 for Cloud Apps too.

Is there a way to automatically …

access actions aitm alert apps attacks azure best practices blocking bypass cloud cloud apps conditional access controls cookie cybersecurity defender defense devices hijacking identity identity protection incident incident response incident response plan mfa monitoring policies policy practices protection remediation response response plan risk security security controls session session hijacking tokens unmanaged devices valid

Visit resource

More from www.reddit.com / cybersecurity

Fake job interviews target developers with new Python backdoor 2 hours ago | www.reddit.com
backdoor cybersecurity developers fake +7
Cyberattack Gold: SBOMs Offer an Easy Census of Vulnerable Software 2 hours ago | www.reddit.com
census cyberattack cybersecurity easy +4
Cybersecurity for Government 5 hours ago | www.reddit.com
budget corporate cybersecurity goals +8
More than 800 vulnerabilities resolved through CISA ransomware notification pilot 9 hours ago | www.reddit.com
cisa cybersecurity notification pilot +2
Top cybersecurity stories for the week of 04-22-24 to 04-26-24 9 hours ago | www.reddit.com
ciso cyber cyber security cybersecurity +8
Reddit down in major outage blocking access to web, mobile apps 12 hours ago | www.reddit.com
access apps blocking cybersecurity +7
Most painful issues in chemical industry? 12 hours ago | www.reddit.com
chemical cybersecurity deal europe +10
Here's my article on Phishing Email Investigation: A Step-by-Step Analysis. Do read and let me … 13 hours ago | www.reddit.com
analysis article cybersecurity email +5
Secondary cysec skill? 14 hours ago | www.reddit.com
aim consultant contractor cybersecurity +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Consultant

@ Auckland Council | Central Auckland, NZ, 1010
View on infosec-jobs.com

Security Engineer, Threat Detection

@ Stripe | Remote, US
View on infosec-jobs.com

DevSecOps Engineer (Remote in Europe)

@ CloudTalk | Prague, Prague, Czechia - Remote
View on infosec-jobs.com

Security Architect

@ Valeo Foods | Dublin, Ireland
View on infosec-jobs.com

Security Specialist - IoT & OT

@ Wallbox | Barcelona, Catalonia, Spain
View on infosec-jobs.com
View more jobs