Infostealers: How attackers are stealing your cookies and bypassing MFA
A few months ago, the Snowflake breach shone a light on the threats posed by infostealers: 80% of the credentials used in it had been seen in infostealer infections dating back to 2020. The fact that the credentials that facilitated one of the largest breaches in history were just sitting around on the internet is seriously alarming.
Attackers are also increasingly using infostealers to steal authenticated user sessions, bypass MFA and take over corporate accounts. From there, they can access and steal sensitive data, take over critical functionality, and pivot to conduct more traditional attacks like deploying ransomware.
Join Luke Jennings, VP R&D at Push Security, as he rolls up his sleeves to demonstrate:
How attackers use infostealers to steal sessions and compromise MFA-protected services like M365.
How attackers use residential VPNs to bypass conditional access policies.
How downstream SaaS app sessions can be stolen to avoid the need to access highly protected IDPs like Microsoft and Okta.