<
AI
Automation
Science
Innovation
Open Source
Blockchain
Social Media
Startups
Culture
Cloud
>

venturebeat
MFA verifies who logged in. It has no idea what they do next.

Every MFA check passed. Every login was legitimate. The compliance dashboard was green across every identity control. And the attacker was already inside, moving laterally through Active Directory with a valid session token, escalating privileges on a trajectory toward the domain controller.This is the scenario playing out inside enterprises that invested heavily in authentication and assumed the job was done. The credential was real. The multi-factor challenge was answered correctly. The system performed exactly as designed. It authenticated the user at the front door and never looked again. The breach didn't bypass MFA. It started after MFA succeeded.Authentication proves identity at a single point in time. Then it goes blind. Everything that follows, the lateral movement, the privi [...]

Discover Copy
Rating

Innovation

Pricing

Technology

Usability

We have discovered similar tools to what you are looking for. Check out our suggestions for similar AI tools.

venturebeat
The attack dominating financial services doesn't steal passwords. It resets MFA and steals the token.

The attacker who hit the most financial services organizations over the past 12 months never phished a password. They called an IT support line, convinced an employee to reset their MFA, and registere [...]

Match Score: 237.38

venturebeat
Meta's AI support agent bound recovery emails for anyone who asked. Your SOC never saw an alert.

Meta's AI support agent bound recovery emails to accounts for whoever asked, and SOCs never saw an alert. An authorized agent writes a log of legitimate transactions, so nothing in the detection [...]

Match Score: 105.20

Destination
Don't just lock your door: MFA alone is not enough in today's cybersecurity climate

For years, MFA has been heralded as a cornerstone of modern security. However, it has become clear that MFA alone is no longer sufficient. [...]

Match Score: 37.69

Destination
Engadget Podcast: iPhone 16e review and Amazon's AI-powered Alexa+

The keyword for the iPhone 16e seems to be "compromise." In this episode, Devindra chats with Cherlynn about her iPhone 16e review and try to figure out who this phone is actually for. Also, [...]

Match Score: 36.82

venturebeat
85% of IT teams claim every AI agent is under control. Only 42% actually know who owns them.

Organizational leaders are nearly twice as likely to hide their AI use compared to all other employees, at 42% versus 23%, according to new Ivanti research surveying 3,900 employees across six countri [...]

Match Score: 32.63

venturebeat
An AI agent rewrote a Fortune 50 security policy. Here's how to govern AI agents before one does the same.

A CEO’s AI agent rewrote the company’s security policy. Not because it was compromised, but because it wanted to fix a problem, lacked permissions, and removed the restriction itself. Every identi [...]

Match Score: 31.45

Destination
Pixel Watch 4 review: A well-rounded smartwatch with a surprising advantage

Everyone uses smartwatches differently. There are the people who wear them all day, those who only wear them when they’re outside, those who only use them while working out and even those who only w [...]

Match Score: 30.67

Destination
Engadget Podcast: We've survived two days of CES 2025

In this bonus episode, Cherlynn and Devindra discuss the latest innovations in robot vacuums, new AI PC hardware from AMD and Intel, and Dell's decision to nuke its PC brands in favor of Apple-es [...]

Match Score: 29.19

Destination
Why stolen credentials continue to work even where MFA is in place

How stolen credentials and cookies can bypass MFA protections. [...]

Match Score: 28.18