CISA: Hackers bypassed MFA to access cloud service accounts (Bleeping Computer)

Bleeping Computer: CISA: Hackers bypassed MFA to access cloud service accounts. “While threat actors tried gaining access to some of their targets’ cloud assets via brute force attacks, they failed due to their inability to guess the correct credentials or because the attacked organization had MFA authentication enabled. However, in at least one incident, attackers were able to successfully sign into a user’s account even though the target had multi-factor authentication (MFA) enabled.”

Leave a Reply

%d bloggers like this: