Had always known it had vulnerabilities; here is an example. Still a good approach to utilize. Note the approach requires theft of software tokens.
Chinese Hacker Group Caught Bypassing 2FA
By ZDNet, January 2, 2020
Dutch cybersecurity firm Fox-IT said in a report that a hacker group associated with the Chinese government has been bypassing two-factor authentication (2FA) in a recent series of attacks.
The chief targets of the recent attacks by the APT20 group, which is believed to operate at the behest of China's government, were government entities and managed service providers in fields including aviation, healthcare, finance, insurance, and energy. The Fox-IT analysts said the group used Web servers as the initial point of intrusion, with special emphasis on the JBoss enterprise application platform often found in large corporate and government networks.
The analysts determined the hackers linked to virtual private networks shielded by 2FA, theoretically by stealing an RSA SecurID software token from a hacked system, then using the token on their computers to produce valid one-time codes and bypass 2FA at will.
From ZDNet