Daily Tech News, Interviews, Reviews and Updates

Active adversaries are increasingly exploiting stolen session cookies to bypass MFA

Active adversaries are more and more exploiting stolen session cookies to bypass multi-factor authentication (MFA) and get access to corporate resources, according to Sophos.

In a few cases, the cookie theft itself is a highly targeted attack, with adversaries scraping cookie data from compromised systems within a network and using legitimate executables to disguise the malicious activity, Help Net Security reports.

Once the hacker has obtained access to corporate web-based and cloud resources using the cookies, they can be using them for further exploitation such as business email compromise, social engineering to gain additional system access, and even modification of data or source code repositories.

Sophos principal threat researcher, Sean Gallagher said that over the past year, they have seen hackers increasingly turn to cookie theft to work around the growing adoption of MFA.

Sean believes that the attackers are shifting to new and improved versions of information stealing malware like Raccoon Stealer for simplifying the process of obtaining authentication cookies, also known as access tokens.

He further says that if attackers have session cookies, they can move freely around a network, impersonating legitimate users.

 

 



Readers like you help support The Tech Outlook. When you make a purchase using links on our site, we may earn an affiliate commission. We cannot guarantee the Product information shown is 100% accurate and we advise you to check the product listing on the original manufacturer website. Thetechoutlook is not responsible for price changes carried out by retailers. The discounted price or deal mentioned in this item was available at the time of writing and may be subject to time restrictions and/or limited unit availability. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates Read More
You might also like

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More