all InfoSec news
Exploiting stolen session cookies to bypass multi-factor authentication (MFA)
Help Net Security www.helpnetsecurity.com
Active adversaries are increasingly exploiting stolen session cookies to bypass multi-factor authentication (MFA) and gain access to corporate resources, according to Sophos. In some cases, the cookie theft itself is a highly targeted attack, with adversaries scraping cookie data from compromised systems within a network and using legitimate executables to disguise the malicious activity. Once the attackers obtain access to corporate web-based and cloud resources using the cookies, they can use them for further exploitation … More →
The post …
authentication bypass cookies cybersecurity don't miss factor mfa multi-factor multi-factor authentication privacy report session sophos stolen