With so many phishing attacks targeting credentials to be used in a later campaign, more organizations are getting the hint that they need to have MFA in place for at least those users with access to critical resources and/or valuable data, if not everyone. However, what happens when the threat actor has the credentials but doesn't have the additional forms of authentication?
I invited Sally Vincent, Threat Research Senior Engineer at LogRhythm to join me on Tech Talks Daily. Listen in as we discuss how organizations can identify unusual authentication activity and explore mitigation strategies to stay ahead of phishing attacks.