Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Two Factor Too Furious - Evading and Protecting Evolving MFA Schemes

via YouTube

Overview

Explore the evolving landscape of multi-factor authentication (MFA) schemes and learn techniques for both evading and protecting against advanced attacks in this 47-minute conference talk from Derbycon 2018. Delve into pre-authentication setups, real-time phishing methods, and post-authentication strategies for surveying and exploiting vulnerabilities. Examine post-exploitation techniques targeting MFA management and integration, and discover defense-in-depth approaches for pre-authentication and post-exploitation scenarios. Gain valuable insights into the complexities of modern MFA systems and how to strengthen security measures against sophisticated evasion tactics.

Syllabus

Intro
Roadmap
Introduction
An Evolving Multi-factor Landscape
Pre-Authentication: The Setup
Pre-Authentication: Casing the Joint
Real-Time Phishing with Reel Phish
Honorable mention: Exchange
Pre-Authentication - What MFA isn't
Pre-Authentication - Attack Phones
Post-authentication - Surveying the Land
Post-authentication - Making a New Set of Keys
Post-Exploitation - When The Attacker Has Everything
Post-Exploitation -Targeting MFA Management
Post-Exploitation - Targeting MFA Integration
Post-Exploitation - Fail Un safe?
Defense-in-Depth - Pre-Authentication
Defense-in-Depth - Post-Exploitation
Summary

Reviews

Start your review of Two Factor Too Furious - Evading and Protecting Evolving MFA Schemes

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.