Explore the evolving landscape of authentication proxy attacks in this 46-minute conference talk from BSidesLV. Delve into the history of evilnginx and its impact on stealing authentication session tokens from MFA-enabled logon processes. Examine the recent rise of EvilProxy and similar platforms, which have enabled cybercriminals to compromise targets with strong authentication without resorting to traditional methods. Learn about the tactics, tools, and procedures used in MFA-enabled account takeovers, and discover the inherent weakness in these attacks that allows for effective hunting, detection, mitigation, and blocking. Gain valuable insights into protecting organizations against these sophisticated threats, especially in sectors where phish-resistant MFA adoption is still emerging.
Authentication Proxy Attacks: Detection, Response and Hunting
Overview
Syllabus
BG - Authentication Proxy Attacks: Detection, Response and Hunting
Taught by
BSidesLV
Related Courses
-
Advanced Threat Hunting and Incident Response
-
Detect, Respond, and Recover from Cloud Cybersecurity Attacks
-
Secrets of the Second Factor - Threat Hunting with Multi Factor Authentication
-
Unraveling and Countering Adversary-in-the-Middle (AiTM) Phishing Attacks
-
O365- Current Attack Trends, David Stubley, 7 Elements
-
How Much Is The Phish? Evolving Defenses Against Evilginx Reverse Proxy Phishing
