Author Topic: Hackers Bypass MFA on Cloud Accounts via IMAP Protocol  (Read 19 times)

Offline Antus67

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 3363
    • View Profile
Hackers Bypass MFA on Cloud Accounts via IMAP Protocol
« on: March 16, 2019, 01:23:13 am »
By Ionut Arghire on March 15, 2019

Over the past several months, threat actors have been increasingly targeting Office 365 and G Suite cloud accounts that are using the legacy IMAP protocol, in an attempt to bypass multi-factor authentication (MFA), Proofpoint reports.

Targeted brute-force attacks have increased in sophistication over the past months, attempting to compromise accounts using variations of the usernames and passwords exposed in large credential dumps, and phishing campaigns continued to provide additional avenues into corporate accounts.

An analysis of over one hundred thousand unauthorized logins across millions of monitored cloud accounts revealed that more than 2% of the user accounts were targeted, and that 15 in 10,000 were successfully breached.

Full Article Here:https://www.securityweek.com/hackers-bypass-mfa-cloud-accounts-imap-protocol
Webroot
VoodooShield
Trojan Remover