Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

God requireth not a uniformity of religion. -- Roger Williams

computers / comp.dcom.telecom / Token tactics: How to prevent, detect, and respond to cloud token theft [telecom]

SubjectAuthor
o Token tactics: How to prevent, detect, and respond to cloud token theft [telecoBill Horne

1
Token tactics: How to prevent, detect, and respond to cloud token theft [telecom]

<20230302123056.GA1656511@telecomdigest.us>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=4096&group=comp.dcom.telecom#4096

  copy link   Newsgroups: comp.dcom.telecom
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!news.iecc.com!.POSTED.news.iecc.com!post.local
From: malQRMas...@gmail.com (Bill Horne)
Newsgroups: comp.dcom.telecom
Subject: Token tactics: How to prevent, detect, and respond to cloud token theft [telecom]
Date: Thu, 2 Mar 2023 07:30:56 -0500
Organization: The Telecom Digest
Sender: alias@iecc.com
Approved: telecom-moderator@telecom.csail.mit.edu
Message-ID: <20230302123056.GA1656511@telecomdigest.us>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Injection-Info: gal.iecc.com; posting-host="news.iecc.com:2001:470:1f07:1126:0:676f:7373:6970";
logging-data="31466"; mail-complaints-to="abuse@iecc.com"
Authentication-Results: iecc.com; spf=pass spf.mailfrom=moder8@telecomdigest.us spf.helo=telecomdigest.us smtp.remote-ip="71.19.144.55"; dmarc=none header.from=gmail.com polrec.p=none polrec.pct=100
Content-Disposition: inline
 by: Bill Horne - Thu, 2 Mar 2023 12:30 UTC

As organizations increase their coverage of multifactor authentication
(MFA), threat actors have begun to move to more sophisticated
techniques to allow them to compromise corporate resources without
needing to satisfy MFA. Recently, the Microsoft Detection and Response
Team (DART) has seen an increase in attackers utilizing token theft
for this purpose. By compromising and replaying a token issued to an
identity that has already completed multifactor authentication, the
threat actor satisfies the validation of MFA and access is granted to
organizational resources accordingly. This poses to be a concerning
tactic for defenders because the expertise needed to compromise a
token is very low, is hard to detect, and few organizations have token
theft mitigations in their incident response plan.

https://www.microsoft.com/en-us/security/blog/2022/11/16/token-tactics-how-to-prevent-detect-and-respond-to-cloud-token-theft/

--
(Please remove QRM for direct replies)

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor