Summary of #ThreatHunting #DFIR tips for week 7:
1) Hunt for MFA bombing and suspicious MFA prompt generation:
Quote Tweet
#ThreatHunting Tip of the day: #Lapsus highlighted the weaknesses of certain MFA options . Specifically push approvals. Once they had the victims credentials, they would simply spam users with MFA prompts until they got approved. Hunt methods
Show this thread
1
1
Show this thread