Dark Reading has written an article about the recent reddit hack and how the details that have been released demonstrate the limitations of two-factor authentication and the benefits of employee training. Despite reddit requiring the use of two-factor authentication internally, attackers were still able to convince an employee to click on a malicious link and harvest their credentials. As WaterISAC has reported previously, as more organizations move to two-factor authentication, more methods to bypass its most common implementations are being discovered by threat actors. However, this breach also demonstrated the value of employee training, as the reddit employee quickly grew suspicious after entering their credentials into the phishing site. They knew to contact IT promptly, which significantly reduced the duration the attackers had uncontested access to the network. Read more at Dark Reading.
Prior WaterISAC reporting on MFA Bypass
