Two-Factor, Too Furious: Subverting (and Protecting) Multi-factor Authentication
Austin Baker, Sr. Consultant (Mandiant), Patrick Charbonneau, Consultant (Mandiant)
About this talk
Multi-Factor Authentication (MFA) is the standard for protecting sensitive systems and credentials. What once was limited to physical tokens and keycodes has expanded into digital tokens, phone applications, and password vaults, all in an effort to offer additional safeguards for critical access points like VPN connectivity and system administrator accounts.
While MFA is now an industry-standard security practice, monitoring and protecting these implementations from exploitation is not widely practiced.
Gathered from the trenches of both our Incident Responders and Red Teamers, here is a quick introduction to the problems faced with common MFA systems, the ways real-world attackers (e.g., APT28 and APT29) and our Red Team have bypassed or subverted them, and some techniques your team can use to further protect the multi-factor keys to your kingdom.
Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats. Mandiant is now part of Google Cloud.…