Active Adversaries Increasingly Exploit Stolen Session Cookies to Bypass Multi Factor Authentication and Gain Access to Corporate Resources, Sophos Reports
OXFORD, U.K. – Aug. 18, 2022 – Sophos, a global leader in next-generation cybersecurity, today announced in the Sophos X-Ops report, “Cookie stealing: the new perimeter bypass,” that active adversaries are increasingly exploiting stolen session cookies to bypass Multi-Factor Authentication (MFA) and gain access to corporate resources. In some cases, the cookie theft itself is a highly targeted attack,…