Hi [[ session.user.profile.firstName ]]

The Many Ways to Hack Multi-Factor Authentication

Everyone knows that multi-factor authentication (MFA) is more secure than a simple login name and password, but too many people think that MFA is a perfect, unhackable solution. It isn't!

Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist, a security expert with over 30-years experience, and David Littman of TruthInIT for this video webinar where they will explore 12 ways hackers can and do get around your favorite MFA solution.

The on-demand webinar includes a (pre-filmed) hacking demo by KnowBe4's Chief Hacking Officer Kevin Mitnick, and real-life successful examples of every attack type. It will end by telling you how to better defend your MFA solution so that you get maximum benefit and security.

You'll learn about the good and bad of MFA, and become a better computer security defender in the process, including:

- 12 ways hackers get around multi-factor authentication
- How to defend your multi-factor authentication solution
- The role humans play in a blended-defense strategy
Recorded Dec 2 2020 62 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Roger Grimes
Presentation preview: The Many Ways to Hack Multi-Factor Authentication

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Now That Ransomware Has Gone Nuclear, How Can You Avoid Becoming the Next Victim Recorded: Jan 27 2021 58 mins
    Roger Grimes (KnowBe4), David Littman
    There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff. After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.

    Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, and TruthInIT's David Littman as they dive into:

    - Why data backups (even offline backups) won’t save you
    - Evolved threats from data-theft, credential leaks, and corporate impersonation
    - Why ransomware isn’t your real problem
    - How your end users can become your best, last line of
    defense
  • Hacking Your Organization: 7 Steps Bad Guys Use to Take Control of Your Network Recorded: Jan 27 2021 61 mins
    Roger Grimes (Data-Driven Defense Evangelist, KnowBe4)
    The scary fact is that human error is a contributing factor in more than 90% of breaches. With so many technical controls in place hackers are still getting through to your end users, making them your last line of defense. How are they so easily manipulated into giving the bad guys what they want? Well, hackers are crafty. And the best way to beat them is to understand the way they work.

    In this webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will take you through the “Cyber Kill Chain” in detail to show you how a single email slip up can lead to the total takeover of your network.

    Roger will show you:
    - How detailed data is harvested using public databases and surprising techniques
    - Tricks used to craft a compelling social engineering attack that your users WILL click
    - Cunning ways hackers deliver malicious code to take control of an endpoint
    - Taking over your domain controller and subsequently your entire network

    But not all hope is lost. Roger will also share actionable strategies you can put in place now to greatly reduce your risk. Find out how to protect your organization before it's too late.
  • The Art of Invisibility featuring Kevin Mitnick and Perry Carptenter Recorded: Jan 27 2021 65 mins
    Kevin Mitnick, Perry Carpenter
    Corporate privacy concerns are more paramount right now than ever before. Organizations are being forced to maneuver a new world of security and privacy issues related to a remote workforce, evolving hardware/software needs, and employee access policies. Kevin Mitnick knows this world well. In fact, that's the topic of his book, The Art of Invisibility.

    Join us for this exclusive webinar as Kevin Mitnick, KnowBe4's Chief Hacking Officer, and Perry Carpenter, KnowBe4's Chief Evangelist and Strategy Officer, enter into an eye-opening discussion of the expected and unexpected risks this workforce evolution brings.

    They will discuss topics including:

    - Privacy concerns around employees using personal devices for business purposes
    - Security issues with various operating systems, mobile devices, and the Internet of Things
    - The reality of "deep privacy" and how tied together devices, systems, and surveillance really are
    - Shocking new demonstrations that will change the way you think about privacy
    - Why new-school security awareness training is more critical than ever before
  • The Pesky Password Problem: Policies That Help You Gain the Upper Hand Recorded: Jan 26 2021 63 mins
    Roger Grimes
    What really makes a “strong” password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about your authentication methods?

    For decades, end-users have borne the brunt of the password tyranny, a result of the IT industries’ inability to engineer secure systems. Password complexity, length, and rotation requirements are the bane of your end-user experience and literally the cause of thousands of data breaches. But it doesn't have to be that way!

    Join Roger Grimes, KnowBe4's Data-Driven Defense Evangelist, to find out what your password policy should be and learn about the common mistakes organizations make when creating password policy.

    In this webinar you'll learn:

    - Why passwords are so easy to hack and how the bad guys do it
    - How to craft a secure, risk-focused password security policy
    - The truth about password managers and multi-factor authentication and how they impact your risk
    - How to empower your end users to become your best last line of defense
  • Mitigating Ransomware in 2021 - A Q&A Webinar with Roger Grimes Recorded: Jan 25 2021 61 mins
    Roger Grimes (KnowBe4), David Davis (ActualTech Media)
    There’s no shortage of frightening ransomware statistics and news reports to scare the pants off of you, but what is in short supply is practical advice from experts on exactly what you need to know to prevent ransomware BEFORE it affects your network.

    This is your chance to get your ransomware questions answered so that you can PREVENT ransomware from compromising your organization in 2021. Join us for this webinar with security author, speaker, and expert - Roger Grimes, Security Awareness Advocate at KnowBe4 - who answers attendees burning questions!
  • Top 5 IT Security Myths Your CISO Believes Are True… BUSTED! Recorded: Jan 25 2021 62 mins
    Erich Kron, Roger Grimes
    Facts are facts, but what happens when IT security pros take myths at face value?

    That got us thinking… what if we whip out our magnifying glasses, pull out the trench coats and use our research skills to differentiate fact from fiction? Join us for this interactive webinar where we’ll help you decide how to invest your time and money wisely, how to implement worthwhile defenses, and what holes to plug so your organization gets the best bang for your security budget buck.

    Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, and Erich Kron, KnowBe4’s Security Awareness Advocate, as they uncover the truth behind these 5 top IT security myths. They state facts and sling stats!

    - Good data backups will save you from ransomware
    - Long passwords are safer than short passwords
    - Running an obscure OS keeps your network safe
    - Every organization needs antivirus and firewalls on endpoints
    - End users can’t be trained; technology is your only defense
  • Now That Ransomware Has Gone Nuclear, How Can You Avoid Becoming the Next Victim Recorded: Jan 22 2021 53 mins
    Roger Grimes
    There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff.

    After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.

    Join us for this webinar where, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, dives into:

    - Why data backups (even offline backups) won’t save you
    - Evolved threats from data-theft, credential leaks, and corporate impersonation
    - Why ransomware isn’t your real problem
    - How your end users can become your best, last line of defense
  • Hackers Exposed: Kevin Mitnick Shares His Tradecraft and Tools Recorded: Jan 21 2021 64 mins
    Kevin Mitnick, Perry Carpenter
    Months of quarantine, transitioning to work from home, economic uncertainty, social and political turmoil… it’s easy to see why your employees are amped up, tense and distracted. And the bad guys are preying on those vulnerabilities more savagely than ever.

    Join us for this exclusive webinar where Kevin Mitnick, KnowBe4’s Chief Hacking Officer and Perry Carpenter, KnowBe4’s Chief Evangelist and Strategy Officer dive deep into the strategies cybercriminals are using to raise the stakes.

    In this webinar you’ll hear about:

    - Router configurations that put WFH and hybrid home/office endpoints in danger
    - New browser exploits that are making your employees more vulnerable
    - Why you can’t trust your trusted senders (supply chain attacks)
    - The ominous effects of several real-life ransomware attacks
  • Insights from Former CIA Analysts: Spotting Fake News to Protect Your Org Recorded: Jan 20 2021 61 mins
    Perry Carpenter, Rosa Smothers, Cindy Otis
    Fake news and disinformation have become an unfortunate part of our everyday lives. And the bad guys are using it to influence you and affect your organization. To help you interpret the barrage of confusing and oftentimes conflicting information, we have turned to the experts including former CIA Analysts, Rosa Smothers and Cindy Otis.

    Join Perry Carpenter, Chief Evangelist and Strategy Office at KnowBe4, along with Rosa, now KnowBe4’s SVP of Cyber Operations and Cindy, author of True or False: A CIA Analyst’s Guide to Identifying and Fighting Fake News, as they take on all things fake news.

    In this webinar you'll learn:
    - The different kinds of disinformation that bad actors use to trick you
    - How nation states use fake news to infiltrate your organization
    - Why disinformation is so dangerous
    - How to spot and avoid disinformation campaigns
    - Ways you can train your users to spot disinformation and keep your organization safe
  • Discover 5 Major Threats to Your Digital Supply Chain & How to Reduce Your Risk Recorded: Jan 15 2021 58 mins
    James McQuiggan
    You’ve heard that vendor dependencies are ripe for malicious abuse and you have read the stories where vendors were used to exploit and infiltrate their customers. Your organization’s data is a valuable asset to its success, but this means it is also valuable to outside bad actors that want to infiltrate your network.

    With so many third party support services, outsourcing, and regulatory requirements, how do you manage compliance, vendor risk and ensure your organization remains breach-free?

    Join James McQuiggan, Security Awareness Advocate at KnowBe4, as he discusses the five major threats to your digital supply chain. Find out why a Vendor Risk Management (VRM) program is an critical step to securing your organization from third-party services or vendor products.

    You’ll learn:

    - Why it's essential to understand the risk your vendors pose and how to secure your data
    - Steps to design (or re-designing) and implement a VRM program
    - Considerations to include in your VRM to secure your digital supply chain
    - How users influence the security of your organization’s data
    - How a GRC platform can support an organization's vendor risk management program
  • Malicious Browser Notifications: Attacks Not Blocked by Your Cyber Defense Recorded: Jan 13 2021 58 mins
    Roger Grimes, Data-Driven Defense Evangelist, KnowBe4
    Cybercriminals have added a devious weapon to their attack arsenals - malicious browser notifications. And the worst part is they’re not blocked by any current cyber defense. These innocuous looking pop ups can wreak havoc on your network while remaining completely undetected. They look more realistic than traditional phishing methods and are designed to trick your unsuspecting users. This is just the latest in a list of sneaky browser attacks the bad guys use to infiltrate your network.

    Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist to find out what you need to know now about malicious browser attacks and how to stop them.

    Attend this session to learn:

    - How legitimate websites are targeted to deliver these stealthy phishing attacks
    - Why browser notification phishing attacks bypass your cyber defenses
    - Other sneaky browser attacks the bad guys use to infiltrate your network
    - How to shore up your defenses and to protect against them all
  • Ransomware Hostage Rescue Manual Recorded: Jan 13 2021 61 mins
    Erich Kron
    Ransomware attacks are on the rise — and they’re estimated to cost global organizations $20 billion by 2021 with government agencies, healthcare providers, and educational institutions in the U.S. impacted by ransomware attacks at a cost of more than $7.5 billion in 2019 alone. As ransomware attacks become more targeted and damaging, your organization faces increased risk that can have your networks down for days or even weeks.

    So, how can your organization avoid getting held hostage? Join us and Erich Kron CISSP, Security Awareness Advocate at KnowBe4 we look at scary features of new ransomware strains, give actionable info that you need to prevent infections, and provide tips on what to do when you are hit with ransomware.

    In this webcast we will cover:
    · What new scary ransomware strains are in the wild
    · Am I infected?
    · I’m infected, now what?
    · Proven methods of protecting your organization?
    · How to create a “human firewall”

    Don’t get held hostage and become a statistic! Join us to learn how to avoid these scary attacks.
  • 10 Incredible Ways You Can Be Hacked Through Email & How To Stop The Bad Guys Recorded: Jan 5 2021 68 mins
    Roger Grimes
    Email is still the #1 attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware!

    Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist and security expert with over 30-years of experience, as he joins for this webinar where he will explore 10 ways hackers use social engineering to trick your users into revealing sensitive data or enabling malicious code to run. Plus, he'll share a (pre-filmed) hacking demo by KnowBe4's Chief Hacking Officer Kevin Mitnick.

    Roger will teach you:

    •How silent malware launches, remote password hash capture, and how rogue rules work
    •Why rogue documents, establishing fake relationships and getting you to compromise your ethics are so effective
    •Details behind clickjacking and web beacons
    •Actionable steps on how to defend against them all

    If all you were worried about were phishing attempts, think again!
  • When the Bad Guys Hide in Plain Sight: Hacking Platforms You Know and Trust Recorded: Jan 4 2021 68 mins
    Kevin Mitnick, Perry Carpenter
    Today’s hackers are concealing their attacks in places you wouldn’t expect… utilizing tools your users know and trust to deliver their malicious payloads. Secure email services with end-to-end encryption and cloud storage solutions like Google Drive just aren’t as trustworthy as your end users believe.

    In this exclusive webinar Kevin Mitnick, KnowBe4’s Chief Hacking Officer and Perry Carpenter, KnowBe4’s Chief Evangelist & Strategy Officer will show you why your users should think twice before trusting seemingly benign emails.

    In this session we’ll share:

    - Why you shouldn’t always trust legitimate providers like Google Drive
    - How hackers use safe email senders to bypass email security tools
    - The dangers of storing passwords in your browser
    - Actual phishing attacks we’re seeing in the wild
    - Eye-opening hacking demos you won't want to miss

    See the dangers lurking behind seemingly innocent actions for yourself. 
  • The Critical Need to Improve Your Compliance Processes Recorded: Dec 18 2020 58 mins
    Erich Kron
    You know that compliance is an important requirement but can also be time-consuming and fraught with risk. Still, most organizations have not implemented the processes and tools necessary to manage the compliance process efficiently. The often-tedious processes related to compliance don’t have to be a burden or a risk. Your security and compliance can be aligned and made more efficient by reducing or eliminating redundant steps and using the right tools.

    Join Erich Kron, Technical Evangelist at KnowBe4, to learn how you can streamline your processes to effectively demonstrate compliance and save so much time.

    In this webinar we will discuss:

    - Common challenges organizations face regarding compliance
    - The dangerous impact non-compliance can have on your organization
    - Differences between organizational and departmental compliance
    - Find out how to streamline your audit processes, assign tasks, and organize evidence in a way that will save you tons of time.
  • It All Started with a Phish... Recorded: Dec 9 2020 60 mins
    Roger Grimes (Data-Driven Defense Evangelist, KnowBe4), David Bayer (VP Program Management & Product Marketing, Vailmail)
    We all have come to understand that most of the successful breaches started with a phishing attack. Through use of technologies such as DMARC, DKIM, SPF, MFA, and a host of great vendor solutions we can get our arms around this threat. Technologically. But people are people and we love to click on stuff. Now, we must get our employees involved in the shared responsibility of security and awareness. So, people are the answer? This panel will discuss how we carefully blend People, Process, and Technology to strengthen the organization together.
  • How to Combat Fake News & Disinformation being used to Attack Your Organisation Recorded: Dec 9 2020 21 mins
    Jacqueline Jayne
    A global cold war is being fought in cyberspace, and IT pros like you are finding themselves in the trenches. With all of this going on, how can you equip your employees and protect your networks from a malicious attack?

    Join Jacqueline Jayne, KnowBe4's Security Awareness Advocate for Australia for a deep dive into how the technology we rely on every day is being exploited to deliver powerful disinformation, misinformation, fake news, and other malicious exploits.

    We’ll discuss:

    - How both facts and lies are weaponised
    - Types of delivery systems (email, social media, videos, deep fakes, and more)
    - What’s being done to address these trends
    - Tips to protect your organisation and build your human firewall
  • An IT Pro's Experience: How To Conquer Human Error With Security Training Recorded: Dec 9 2020 62 mins
    Erich Kron (KnowBe4), David Tutwiler (South Western Communications)
    David Tutwiler, Director of Information Technology, South Western Communications, knows first hand what it’s like to have a security incident interrupt his evening. That spoofed CEO email requesting gift cards can certainly mimic real life circumstances. And when real life and threats in the wild come together, your planned downtime can turn into a nightmare.

    Throughout his many years as an IT Pro, David has learned that embracing security awareness training can help prevent those unsettling emergency calls. While he’s learned much of this on the job, one of his important recommendations is to learn from other IT pros’ experiences. And he’s here to share his insight with you.

    In this session, David Tutwiler CISSP, and Erich Kron, KnowBe4’s Security Awareness Advocate share their perspectives about the human element of security. Together, they discuss:

    - Reinforcing responsibility and good behavior with your end users
    - Advice for gaining leadership buy-in and demonstrating ROI
    - Tips for success when implementing your own security awareness strategy
  • Open Sesame! And Other Passwords Challenges Recorded: Dec 9 2020 52 mins
    Roger Grimes (KnowBe4), Tom Bechtold (SecureWorld)
    The password has been around a LONG time. It’ll probably always live on in some form. For InfoSec professionals it is a source of contention. Companies already have enough to worry about with the day in and day out business. Getting hacked because your employees utilize weak passwords isn’t part of the plan.

    In this session we are going to have a candid discussion with Roger Grimes, Data-Driven Defense Evangelist at KnowBe4, on:

    - What challenges lay beyond weak passwords
    - Unpack browser password hacking
    - Breached passwords (think PasteBin)
    - Multi-Factor Authentication

    And a few others that will likely surprise you!
  • Critical Considerations for Privacy Compliance in Africa Recorded: Dec 3 2020 74 mins
    Anna Collard, Russell Nel, Lecio de Paula
    Approaching compliance can seem like a daunting task. With so many different things to consider, how do you know where to begin and what deserves your attention? To help you sort it out, we have turned to the experts to talk about implementation steps with the objective of sharing practical advice that will be useful for anyone working on privacy & data protection projects.

    In this webinar Russel Nel, South Africa’s first Certified Senior Lead Privacy Implementer, and KnowBe4’s Director of Privacy Lecio de Paula, and SVP of Content Strategy and Evangelist, Anna Collard discuss privacy principles and concepts that are common amongst most international privacy regulations.

    We discuss:
    - The differences between South Africa's Protection of Personal Information Act (POPIA) and GDPR
    - The drawback of relying too much on consent
    - The importance of security safeguards and which security frameworks to follow
    - How to conduct data mapping exercises
    - Obtaining executive support for your privacy program
    - The importance of educating and raising awareness about privacy inside your organization
Security Awareness Training
KnowBe4 is the world’s most popular integrated Security Awareness Training and Simulated Phishing platform. Realizing that the human element of security was being seriously neglected, KnowBe4 was created to help organizations manage the problem of social engineering, spear phishing, and ransomware attacks, through a comprehensive new-school awareness training approach. KnowBe4 trains employees to make smarter security decisions.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: The Many Ways to Hack Multi-Factor Authentication
  • Live at: Dec 2 2020 3:00 pm
  • Presented by: Roger Grimes
  • From:
Your email has been sent.
or close