Cybercriminals are Bypassing Multi-factor Authentication to Access Organisation’s Cloud Services
Graham Cluley writes:
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks.
According to an advisory published by CISA, an increasing number of attacks have succeeded as more employees have begun to work remotely with a variety of corporate laptops and personal devices during the COVID-19 pandemic.
CISA has observed that the attackers have used a variety of techniques, including phishing and brute force login attempts to exploit human weaknesses and the security configuration of corporate cloud accounts.
Read more on Tripwire.