Microsoft Warns of Rise in Stolen Cloud Tokens Used to Bypass MFA

  /     /     /  
Publicated : 23/11/2024   Category : security


Microsoft Warns of Rise in Stolen Cloud Tokens Used to Bypass MFA


Analysts see an uptick in token theft from authenticated users, allowing threat actors to bypass MFA protections.



Threat actors are stealing authentication tokens already verified by multifactor authentication (MFA) to breach organizations systems. 
A new alert from Microsoft Detection and Response Team (DART), said
token theft for MFA bypass
 is particularly dangerous because it requires little technical expertise to pull off, its tough to detect, and most organizations havent considered token theft as part of their incident response plan. And as employees increasingly access systems through personal devices, security controls are weaker and malicious activity is hidden from the security teams view. 
Full visibility into devices reduces token theft risk, but DART concedes thats difficult with so many unmanaged devices accessing the network. For unmanaged devices, they recommend conditional access policies and strong controls. 
As far as mitigations go, publicly available open-source tools for exploiting token theft already exist, and commodity credential theft malware has already been adapted to include this technique in their arsenal, DART added in its blog post about the
MFA workaround
. Detecting token theft can be difficult without the proper safeguards and visibility into authentication endpoints. 

Last News

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Microsoft Warns of Rise in Stolen Cloud Tokens Used to Bypass MFA