Active adversaries are increasingly exploiting stolen session cookies to bypass multi-factor authentication (MFA) and gain access to corporate resources, according to Sophos. In some cases, the cookie theft itself is a highly targeted attack, with adversaries scraping cookie data from compromised systems within a network and using legitimate executables to disguise the malicious activity. Once the attackers obtain access to corporate web-based and cloud resources using the cookies, they can use them for further exploitation … More
The post Exploiting stolen session cookies to bypass multi-factor authentication (MFA) appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: