CISA: Hackers bypassed MFA to access cloud service accounts

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,143
Content source
https://www.bleepingcomputer.com/news/security/cisa-hackers-bypassed-mfa-to-access-cloud-service-accounts/
The US Cybersecurity and Infrastructure Security Agency (CISA) said today that threat actors bypassed multi-factor authentication (MFA) authentication protocols to compromise cloud service accounts.
"CISA is aware of several recent successful cyberattacks against various organizations’ cloud services," the cybersecurity agency said on Wednesday.
"The cyber threat actors involved in these attacks used a variety of tactics and techniques—including phishing, brute force login attempts, and possibly a 'pass-the-cookie' attack—to attempt to exploit weaknesses in the victim organizations’ cloud security practices."
Click to expand...
"In addition to modifying existing user email rules, the threat actors created new mailbox rules that forwarded certain messages received by the users (specifically, messages with certain phishing-related keywords) to the legitimate users’ Really Simple Syndication (RSS) Feeds or RSS Subscriptions folder in an effort to prevent warnings from being seen by the legitimate users," CISA added.
Click to expand...
www.bleepingcomputer.com

CISA: Hackers bypassed MFA to access cloud service accounts

The US Cybersecurity and Infrastructure Security Agency (CISA) said today that threat actors bypassed multi-factor authentication (MFA) authentication protocols to compromise cloud service accounts.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • +Reputation
Reactions: SeriousHoax, Cleo, ForgottenSeer 85179 and 7 others
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • +Reputation
CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability
Replies
0
Views
1,061
News Archive
silversurfer
silversurfer
Gandalf_The_Grey
    • Like
    • +Reputation
Security News Cisco Duo warns third-party data breach exposed SMS MFA logs
Replies
1
Views
365
Security News
Practical Response
Practical Response
Gandalf_The_Grey
    • Like
    • Wow
    • +Reputation
Retool blames breach on Google Authenticator MFA cloud sync feature
Replies
8
Views
1,652
News Archive
Sandbox Breaker
Sandbox Breaker

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top