--[ MFA Is Not Enough!
--[ presenter ]--[ Dmitry Smilyanets
--[ scheduled ]--[
$ getent passwd dsmilyanets . ├─── name: Dmitry Smilyanets ├──── org: Recorded Future └─ social: └─ twitter: @ddd1ms
Mission-driven and Russian-speaking intelligence analyst with type A personality. Dmitry has twenty years of experience and expertise in cybercrime activity that includes being a former member of an elite Russian-based hacking organization. Currently, as a principal product manager, Dmitry is building the Recorded Future Identity Intelligence module that addresses the account takeover threat.
Many organizations rely on multi-factor authentication (MFA) for identity security. But, while MFA provides an extra layer of security, it’s not enough to secure credentials, often creating a false sense of security.
As an example, a new threat from cybercriminal group, Lapsus$ Group, appeared on the FBI's most-wanted list in March 2022, with one attack vector standing out: identities compromised with Infostealer Malware. In most cases, when the infection goes unnoticed, this malware obtains credentials saved in victims’ browsers. Hours, days, or years later, credentials to corporate or personal infrastructures are obtained by threat actors, who are able to seamlessly hijack sessions undetected, by appearing as an employee.