Explore the evolving landscape of authentication proxy attacks in this 46-minute conference talk from BSidesLV. Delve into the history of evilnginx and its impact on stealing authentication session tokens from MFA-enabled logon processes. Examine the recent rise of EvilProxy and similar platforms, which have enabled cybercriminals to compromise targets with strong authentication without resorting to traditional methods. Learn about the tactics, tools, and procedures used in MFA-enabled account takeovers, and discover the inherent weakness in these attacks that allows for effective hunting, detection, mitigation, and blocking. Gain valuable insights into protecting organizations against these sophisticated threats, especially in sectors where phish-resistant MFA adoption is still emerging.
Authentication Proxy Attacks: Detection, Response and Hunting
Overview
Syllabus
BG - Authentication Proxy Attacks: Detection, Response and Hunting
Taught by
BSidesLV
Related Courses
-
Advanced Threat Hunting and Incident Response
-
Detect, Respond, and Recover from Cloud Cybersecurity Attacks
-
Incident Detection and Response
-
Secrets of the Second Factor - Threat Hunting with Multi Factor Authentication
-
O365- Current Attack Trends, David Stubley, 7 Elements
-
Fishing for Security - Reeling in Phishing Attacks Across a Global Organization
