#mfa-bypass

[ follow ]
#plaintext-credentials #ransomware #endpoint-security #sonicwall-vpn #voidproxy #phishing-as-a-service
Information security
fromTheregister
7 hours ago

Ransomware crims broke in, found recovery codes in plaintext

Unencrypted recovery codes on a desktop enabled attackers to bypass MFA, compromise detection tools, steal credentials, and deploy ransomware across the network.
fromTheregister
4 days ago

Google, Microsoft account takeover made easy via VoidProxy

The phishes target any Google and Microsoft accounts, from small businesses to large enterprises, we're told. And while Okta didn't have a confirmed victim count, "we have observed high-confidence account takeovers in multiple entities," the threat intel team told us. "By extension, we expect Microsoft and Google will have observed a larger number of ATO events, given that VoidProxy proxies non-federated users directly with Microsoft and Google servers."
Information security
[ Load more ]