Thanks baker
>ain't no disco
was me, answering the anon
kek
Sleep well anon
G'night baker
SOLAR WIND HACKERS GOT ACCESS TO SYSTEMS THROUGH GATES OUTLOOK WEB APP
Researchers from security firm Volexity said on Monday that it had encountered the same attackers in late 2019 and early 2020 as they penetrated deep inside of a think tank organization no fewer than three times.
During one of the intrusions, Volexity researchers noticed the hackers using a novel technique to bypass MFA protections provided by Duo. After having gained administrator privileges on the infected network, the hackers used those unfettered rights to steal a Duo secret known as an akey from a server running Outlook Web App, which enterprises use to provide account authentication for various network services.
The hackers then used the akey to generate a cookie, so theyโd have it ready when someone with the right username and password would need it when taking over an account. Volexity refers to the state-sponsored hacker group as Dark Halo. Researchers Damien Cash, Matthew Meltzer, Sean Koessel, Steven Adair, and Thomas Lancaster wrote:
https://arstechnica.com/information-technology/2020/12/solarwinds-hackers-have-a-clever-way-to-bypass-multi-factor-authentication/