New vuln in Microsoft Active Directory lets attackers bypass multi-factor authentication

guest · Aug 14, 2018

New vuln in Microsoft Active Directory lets attackers bypass multi-factor authentication
August 14, 2018
https://www.cyberscoop.com/microsoft-active-directory-vulnerability-multi-factor-authenication/

A vulnerability in Microsoft’s popular identity management directory could let an attacker breach multiple employee accounts in an organization by circumventing multi-factor authentication, according to new research from identity security company Okta.

The directory in question is Microsoft’s Active Directory Federation Services (ADFS) [...]
A weakness in the multi-factor authentication protocol for ADFS means that a hacker equipped with a user’s password and second “factor,” such as an SMS message, could use that factor in place of any other employee’s in the organization, according to Okta.

“Simply put, if just one employee in a global company wanted to – or if a bad actor compromised the account of one employee – they could do a lot of harm by compromising unsuspecting colleagues, senior executives, or even the CEO with this vulnerability,” wrote Matias Brutti, Okta’s director of research and exploitation.

The vulnerability stems from a “failure to cryptographically enforce the integrity and authenticity of relationships between the two pieces of identity — the primary credentials and the second factor,” Lee wrote.
Click to expand...

Log in or Sign up

New vuln in Microsoft Active Directory lets attackers bypass multi-factor authentication

guest Guest

Log in or Sign up

New vuln in Microsoft Active Directory lets attackers bypass multi-factor authentication

guest Guest

Useful Searches