Two Factor Too Furious - Evading and Protecting Evolving MFA Schemes
Offered By: YouTube
Course Description
Overview
Explore the evolving landscape of multi-factor authentication (MFA) schemes and learn techniques for both evading and protecting against advanced attacks in this 47-minute conference talk from Derbycon 2018. Delve into pre-authentication setups, real-time phishing methods, and post-authentication strategies for surveying and exploiting vulnerabilities. Examine post-exploitation techniques targeting MFA management and integration, and discover defense-in-depth approaches for pre-authentication and post-exploitation scenarios. Gain valuable insights into the complexities of modern MFA systems and how to strengthen security measures against sophisticated evasion tactics.
Syllabus
Intro
Roadmap
Introduction
An Evolving Multi-factor Landscape
Pre-Authentication: The Setup
Pre-Authentication: Casing the Joint
Real-Time Phishing with Reel Phish
Honorable mention: Exchange
Pre-Authentication - What MFA isn't
Pre-Authentication - Attack Phones
Post-authentication - Surveying the Land
Post-authentication - Making a New Set of Keys
Post-Exploitation - When The Attacker Has Everything
Post-Exploitation -Targeting MFA Management
Post-Exploitation - Targeting MFA Integration
Post-Exploitation - Fail Un safe?
Defense-in-Depth - Pre-Authentication
Defense-in-Depth - Post-Exploitation
Summary
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube