Exploiting stolen session cookies to bypass multi factor authentication (MFA)


Sophos reports that active attackers are increasingly using session cookies that have been stolen to go beyond multi-factor authentication (MFA) and access corporate resources.

In certain instances, cookie theft itself is a highly focused attack in which adversaries scrape cookie data from compromised devices inside a network while disguising their malicious activities by utilising genuine executables. Using cookies, the attackers are able to gain access to corporate web-based and cloud resources. Read More…