The US Cybersecurity and Infrastructure Security Agency (CISA) reveals that hackers bypassed multi-factor authentication (MFA) protocols to compromise cloud service accounts.
The cyber security agency said on Wednesday, “CISA is aware of several recent successful cyber-attacks against various organizations’ cloud services. The cyber threat actors involved in these attacks used a variety of tactics and techniques—including phishing, brute force login attempts, and possibly a ‘pass-the-cookie’ attack—to attempt to exploit weaknesses in the victim organizations’ cloud security practices.”
CISA says hackers could defeat MFA protocols as part of a ‘pass-the-cookie’ attack, in which attackers hijack an already authenticated session by using stolen session cookies to log into web apps or online services.
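A defender's view of the pass-the-cookie behaviour described above, as an added example that is not from CISA or the original article: a stolen cookie belongs to a session that already passed MFA, so no new MFA prompt occurs, and the check instead looks for a session used by a different client than the one that logged in. The event names, log layout and sample lines are constructed assumptions.

```python
# Constructed sample events, not real logs. Assumed layout:
# (timestamp, event, session_id, user, source_ip, user_agent)
# session_id is assumed to be a hash of the cookie, never the raw cookie value.
SAMPLE_EVENTS = [
    ("2021-01-13T09:00:02Z", "login_mfa_ok", "s-1001", "alice",
     "198.51.100.10", "Mozilla/5.0 (Windows NT 10.0) Firefox/84.0"),
    ("2021-01-13T09:01:40Z", "request", "s-1001", "alice",
     "198.51.100.10", "Mozilla/5.0 (Windows NT 10.0) Firefox/84.0"),
    ("2021-01-13T09:05:11Z", "login_mfa_ok", "s-2002", "bob",
     "203.0.113.5", "Mozilla/5.0 (Macintosh) Chrome/87.0"),
    ("2021-01-13T09:30:57Z", "request", "s-1001", "alice",
     "192.0.2.77", "python-requests/2.25.1"),
    ("2021-01-13T09:31:20Z", "request", "s-2002", "bob",
     "203.0.113.5", "Mozilla/5.0 (Macintosh) Chrome/87.0"),
    ("2021-01-13T09:40:00Z", "request", "s-3003", "carol",
     "192.0.2.77", "python-requests/2.25.1"),
]


def find_session_reuse(events):
    """Flag sessions used by a client other than the one that passed MFA.

    Returns a list of (timestamp, session_id, user, reason) tuples.
    """
    origin = {}  # session_id -> (ip, user_agent) recorded at the MFA login
    findings = []
    for ts, event, sid, user, ip, ua in events:
        if event == "login_mfa_ok":
            origin[sid] = (ip, ua)
            continue
        if sid not in origin:
            # Session seen in use with no MFA login on record for it.
            findings.append((ts, sid, user, "no recorded MFA login"))
            continue
        o_ip, o_ua = origin[sid]
        changed = [name for name, before, now in
                   (("ip", o_ip, ip), ("user_agent", o_ua, ua)) if before != now]
        if changed:
            findings.append((ts, sid, user, "changed: " + ",".join(changed)))
    return findings


if __name__ == "__main__":
    for finding in find_session_reuse(SAMPLE_EVENTS):
        print(finding)
```

An IP change alone can be legitimate (for example a mobile client changing networks), so a finding is a prompt for review or re-authentication rather than proof of compromise.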
To Read More: BleepingComputer