Rule Info
Name
Potential MFA Bypass Using Legacy Client Authentication
Author
Harjot Singh, '@cyb3rjy0t'
Description
Detects successful authentication from potential clients using legacy authentication via user agent strings. This could be a sign of MFA bypass using a password spray attack.
Reference
Date
2023-03-20 00:00:00
Modified
None
Id
53bb4f7f-48a8-4475-ac30-5a82ddfdf6fc
Tags
attack.initial_access attack.credential_access attack.t1078.004 attack.t1110 DEMO
Type
Community Rule
Link to Public Repo
Rule History
Author
Title
Date
Commit
github-actions[bot]
Merge PR #4700 from @nasbench - Promote older rules status from `experimental` to `test`
2024-02-01
Nasreddine Bencherchali
Merge PR #4476 from @nasbench - re-organize cloud folder and other things
2023-10-12