Feeds.Feedburner
Identity-Based Attacks Target Authentication Systems and Credentials
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Recent identity-based attacks have exploited vulnerabilities in authentication systems, targeting credentials and identity infrastructure. Notable incidents include the compromise of over 18,000 routers by APT28 to steal OAuth tokens, a breach of France's National Agency for Secure Documents exposing citizen data, and phishing attacks using legitimate vendor notifications. Attackers bypassed multi-factor authentication (MFA) without breaking cryptography, indicating a shift in focus towards the identity attack surface. The incidents affected numerous organizations and individuals, with the router compromise impacting over 200 organizations and 5,000 consumer devices. These attacks highlight the need for enhanced security measures around authentication processes and trust relationships. Current defenses must adapt to prevent unauthorized access from authenticated sessions.
Key Points: • Identity-based attacks are increasingly targeting authentication systems rather than application code. • APT28 compromised over 18,000 routers to harvest OAuth tokens, affecting 200 organizations. • Recent breaches exposed sensitive data and demonstrated the limitations of current MFA implementations.