all InfoSec news
BG - Authentication Proxy Attacks: Detection, Response and Hunting
Oct. 25, 2023, 9:51 p.m. | BSidesLV
BSidesLV www.youtube.com
Over five years ago, evilnginx was released, demonstrating the ease of stealing authentication session tokens from MFA-enabled logon processes with a simple reverse proxy. Despite being a well-known technique, few of these attacks were seen in widespread use among cybercrime threat actors, until recently.
The advent of the EvilProxy and similar platforms has given attackers the ability to compromise targets with strong authentication without resorting to burdensome SIM swapping or noisy push fatigue attacks. With nascent …
attacks authentication breaking cybercrime detection hunting logon mfa processes proxy response reverse reverse proxy session simple stealing threat threat actors tokens tuesday well-known
More from www.youtube.com / BSidesLV
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Associate Principal Security Engineer
@ Activision Blizzard | Work from Home - CA
Security Engineer- Systems Integration
@ Meta | Bellevue, WA | Menlo Park, CA | New York City
Lead Security Engineer (Digital Forensic and IR Analyst)
@ Blue Yonder | Hyderabad
Senior Principal IAM Engineering Program Manager Cybersecurity
@ Providence | Redmond, WA, United States
Information Security Analyst II or III
@ Entergy | The Woodlands, Texas, United States