Two Factor Too Furious - Evading and Protecting Evolving MFA Schemes
Offered By: YouTube
Course Description
Overview
Explore the evolving landscape of multi-factor authentication (MFA) schemes and learn techniques for both evading and protecting against advanced attacks in this 47-minute conference talk from Derbycon 2018. Delve into pre-authentication setups, real-time phishing methods, and post-authentication strategies for surveying and exploiting vulnerabilities. Examine post-exploitation techniques targeting MFA management and integration, and discover defense-in-depth approaches for pre-authentication and post-exploitation scenarios. Gain valuable insights into the complexities of modern MFA systems and how to strengthen security measures against sophisticated evasion tactics.
Syllabus
Intro
Roadmap
Introduction
An Evolving Multi-factor Landscape
Pre-Authentication: The Setup
Pre-Authentication: Casing the Joint
Real-Time Phishing with Reel Phish
Honorable mention: Exchange
Pre-Authentication - What MFA isn't
Pre-Authentication - Attack Phones
Post-authentication - Surveying the Land
Post-authentication - Making a New Set of Keys
Post-Exploitation - When The Attacker Has Everything
Post-Exploitation -Targeting MFA Management
Post-Exploitation - Targeting MFA Integration
Post-Exploitation - Fail Un safe?
Defense-in-Depth - Pre-Authentication
Defense-in-Depth - Post-Exploitation
Summary
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network