Multi-factor authentication (MFA) is among the most useful measures companies can use against the rise in credential attacks, but attackers are adapting, as demonstrated in a variety of bypasses that allowed them to infiltrate networks — even those protected by MFA. In an analysis of recent attacks, identity and access management firm CyberArk found at least four ways that attackers, including its own red teams, could circumvent MFA or at least greatly diminish its benefits.
Read full article on Dark Reading: Cloud