The Advantages and Limitations of MFA: A Look into Common Bypass Techniques and Security Counter Measures

Webinar Registration

One of the most common security controls recommended is to implement multi-factor authentication (MFA) for at least those with access to valuable data… if not for absolutely everyone in the organization. With initial access brokers selling credentialed access to applications, web platforms, networks, and directory services, it becomes necessary to leverage MFA to ensure the user of a credential is actually the owner of it.

However, MFA most definitely isn’t a silver bullet. From simple social engineering methods like MFA prompt bombing or proxied logons, to advanced techniques designed to bypass MFA entirely, threat actors are finding ways to leverage compromised credentials despite organizations having MFA in place.

So, how is MFA being bypassed and what can you do about it?

In this Real Training for Free session, 4-time Microsoft MVP Nick Cavalancia takes my seat as he first takes a look at MFA’s promises, assumptions, and recent failings. This will include:

  • A look at MFA architecture
  • Various practical ways MFA is implemented today
  • Coverage of attacks that included bypassing MFA
  • Recommendations on how to better secure logons when MFA is involved

Next up, you’ll hear from Yiftach Keshet; VP of Product Marketing at Silverfort who will first discuss different ways attackers bypass MFA protection depending on the infrastructure, including:

  • Using malicious extensions to steal session tokens when MFA is used to access SaaS apps
  • Compromising the MFA server itself to bypass MFA for VPN

Yiftach will also discuss how attackers *avoid* MFA by access to attack surfaces for which MFA is not applicable. Examples he’ll cover include:

  • Using command line access tools like PsExec or Remote PowerShell that are built on legacy AD protocols
  • Distribute malicious payloads simultaneously to multiple machines by planting it in a shared folder

Yiftach will also discuss controls to gain better visibility into attacker authentication – regardless of whether MFA is used or not – and discuss ways to improve the state of security around MFA.

This Real Training for Free session will be full of applicable real-world content. Register now!

First Name:   
Last Name:   
Work Email:  
Job Title:  

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor.



Additional Resources