MFA: Lack of management and overconfidence “There is no insurmountable control and no intimidated adversaries”

MSc. Eduardo Chavarro Ovalle

Director del equipo para la región de América

Kaspersky

Colombia

Start date: 21 de March de 2024

Hour: 11:00 am

Campus: Palace of Conventions – Room 10

Event: 16th Iberoamerican Seminar on Information Technology Security

Abstract:

During the analysis of BEC (Business Email Compromise) incidents, we identified the compromise of email accounts using multiple techniques and taking advantage of different configuration and management weaknesses. Incidents that allowed attackers to transfer hundreds of thousands of dollars by impersonating critical people; but according to our research, mainly taking advantage of the trust and “liability discharge” that many users and IT administrators generate in the multi-factor authentication control. We will present incident scenarios, study frameworks used by attackers and some security recommendations for handling additional authentication controls.

How to take part?

Informática 2024 conceives the possibility of participation in the face-to-face and online modalities at its Scientific Convention and virtually at the Exhibition Fair.

Know the forms of participation in each one.

MFA: Lack of management and overconfidence “There is no insurmountable control and no intimidated adversaries”

How to take part?

You may be interested