Tech Beacon
CISA Says Multiple Attacks on Cloud Services Bypassed Multifactor Authentication
SC Magazine
The Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday said it discovered several recent successful cyberattacks against the cloud services of multiple organizations, offering guidance on how security teams can bolster associated security. CISA said in its report that threat actors have used a variety of tactics and techniques—including phishing, brute force login attempts, and possibly a so-called “pass-the-cookie” attack that bypassed multifactor authentication to exploit cloud security weaknesses.