SC Media reports that both user identities and suboptimal multi-factor authentication implementations have been increasingly targeted by threat actors during the third quarter.
More malicious actors have been deploying identity-based cyberattacks in an effort to leverage hijacked accounts for further social engineering intrusions, including business email compromise, that could facilitate more expansive network compromise, with brute force being the most prevalently leveraged attack technique, according to a report from Cisco Talos.
On the other hand, misconfigured MFA or spoofed login screens have been targeted in almost 50% of attacks between July and September.
"In nearly 40% of engagements, misconfigured, lack of MFA, and MFA bypass accounted for the top observed security weaknesses this quarter. MFA was bypassed or not fully enabled in 100% of the engagements which involved threat actors sending phishing emails to victims," said Cisco Talos researcher Caitlin Huey. The report comes amid vendor and government recommendations urging the replacement of less secure MFA methods.
