The Advantages and Limitations of MFA: A Look into Common Bypass Techniques and Security Counter Measures

Webinar Registration

One of the most common security controls recommended is to implement multi-factor authentication (MFA) for at least those with access to valuable data… if not for absolutely everyone in the organization. With initial access brokers selling credentialed access to applications, web platforms, networks, and directory services, it becomes necessary to leverage MFA to ensure the user of a credential is actually the owner of it.

However, MFA most definitely isn’t a silver bullet. From simple social engineering methods like MFA prompt bombing or proxied logons, to advanced techniques designed to bypass MFA entirely, threat actors are finding ways to leverage compromised credentials despite organizations having MFA in place.

So, how is MFA being bypassed and what can you do about it?

In this Real Training for Free session, 4-time Microsoft MVP Nick Cavalancia takes my seat as he first takes a look at MFA’s promises, assumptions, and recent failings. This will include:

A look at MFA architecture
Various practical ways MFA is implemented today
Coverage of attacks that included bypassing MFA
Recommendations on how to better secure logons when MFA is involved

Next up, you’ll hear from Yiftach Keshet; VP of Product Marketing at Silverfort who will first discuss different ways attackers bypass MFA protection depending on the infrastructure, including:

Using malicious extensions to steal session tokens when MFA is used to access SaaS apps
Compromising the MFA server itself to bypass MFA for VPN

Yiftach will also discuss how attackers *avoid* MFA by access to attack surfaces for which MFA is not applicable. Examples he’ll cover include:

Using command line access tools like PsExec or Remote PowerShell that are built on legacy AD protocols
Distribute malicious payloads simultaneously to multiple machines by planting it in a shared folder

Yiftach will also discuss controls to gain better visibility into attacker authentication – regardless of whether MFA is used or not – and discuss ways to improve the state of security around MFA.

This Real Training for Free session will be full of applicable real-world content. Register now!

First Name:	Required
Last Name:	Required
Work Email:	Required Invalid email address
Phone:	Required
Job Title:	Required
Organization:	Required
Country:	Required
State:	Required
	Your information will be shared with the sponsor. By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor. Tweet

Upcoming Webinars

Additional Resources

User name:
Password:
	/ Forgot?
	Register

July 2024 Patch Tuesday	"Patch Tuesday - Four Zero Days " - sponsored by Supercharger for Windows Event Collection

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.