https://community.isc2.org/t5/Tech-Talk/MFA-blind-spots-and-no-one-talks-about-it/m-p/57742#M3856 <P>Hi All</P><P>&nbsp;</P><P>Multi-factor Authentication (MFA) has long ago become a standard security practice. With a wide consensus on its ability to fend off more than 99% percent of account takeover attacks, it's no wonder why security architects regard it as a must-have in their environments. However, what seems to be less known are the inherent coverage limitations of traditional MFA solutions. While compatible with RDP connection and local desktop logins, <STRONG>they offer no protection to remote command line access tools like PsExec, Remote PowerShell and their likes.</STRONG></P><P>&nbsp;</P><P><A href="https://thehackernews.com/2023/03/when-partial-protection-is-zero.html?_m=3n%2e009a%2e2987%2etv0ao44mgf%2e1ymu" target="_blank">https://thehackernews.com/2023/03/when-partial-protection-is-zero.html?_m=3n%2e009a%2e2987%2etv0ao44mgf%2e1ymu</A></P><P>&nbsp;</P><P>Have a good read and lets learn from the experience, the garden may not be as rosy as you think!</P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 09 Oct 2023 10:27:59 GMT Caute_cautim 2023-10-09T10:27:59Z https://community.isc2.org/t5/Tech-Talk/MFA-blind-spots-and-no-one-talks-about-it/m-p/57742#M3856 <P>Hi All</P><P>&nbsp;</P><P>Multi-factor Authentication (MFA) has long ago become a standard security practice. With a wide consensus on its ability to fend off more than 99% percent of account takeover attacks, it's no wonder why security architects regard it as a must-have in their environments. However, what seems to be less known are the inherent coverage limitations of traditional MFA solutions. While compatible with RDP connection and local desktop logins, <STRONG>they offer no protection to remote command line access tools like PsExec, Remote PowerShell and their likes.</STRONG></P><P>&nbsp;</P><P><A href="https://thehackernews.com/2023/03/when-partial-protection-is-zero.html?_m=3n%2e009a%2e2987%2etv0ao44mgf%2e1ymu" target="_blank">https://thehackernews.com/2023/03/when-partial-protection-is-zero.html?_m=3n%2e009a%2e2987%2etv0ao44mgf%2e1ymu</A></P><P>&nbsp;</P><P>Have a good read and lets learn from the experience, the garden may not be as rosy as you think!</P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 09 Oct 2023 10:27:59 GMT https://community.isc2.org/t5/Tech-Talk/MFA-blind-spots-and-no-one-talks-about-it/m-p/57742#M3856 Caute_cautim 2023-10-09T10:27:59Z https://community.isc2.org/t5/Tech-Talk/MFA-blind-spots-and-no-one-talks-about-it/m-p/57743#M3857 <P>We must see them before we can hear them…</P> Mon, 13 Mar 2023 05:30:47 GMT https://community.isc2.org/t5/Tech-Talk/MFA-blind-spots-and-no-one-talks-about-it/m-p/57743#M3857 Early_Adopter 2023-03-13T05:30:47Z https://community.isc2.org/t5/Tech-Talk/MFA-blind-spots-and-no-one-talks-about-it/m-p/57748#M3858 <P><a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/797288093">@Early_Adopter</a>Or experience it before you realise you have been compromised.</P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Mon, 13 Mar 2023 19:03:03 GMT https://community.isc2.org/t5/Tech-Talk/MFA-blind-spots-and-no-one-talks-about-it/m-p/57748#M3858 Caute_cautim 2023-03-13T19:03:03Z