Russia-linked attackers breach NGO by exploiting MFA

News
Patch flaws and enforce authentication policies, CISA and FBI warn

Corey O'Connor, director of products at SaaS security vendor DoControl, added that access controls also are a key part of any mitigation strategy. Wrapping granular access controls around business-critical applications that include sensitive data would go a long way to preventing the data from being stolen.

"If MFA becomes compromised, there is still a lifeline through least privilege policy enforcement to minimize the access to that sensitive data," O'Connor told The Register in an email. "Potentially malicious or high-risk activity can be detected if the files are being accessed by unknown IP addresses or other parameters that present high levels of risk."

Read Full Article
Get updates to your inbox
Our latest tips, insights, and news
DoControl - SaaS data access control - Linkedin logoDoControl - SaaS data access control - Twitter logo
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Our latest tips, insights, and news
Get updates to your inbox