Skip to content

Session Hijacking 2.0 — The Latest Way That Attackers are Bypassing MFA

  • by

​Attackers are increasingly turning to session hijacking to get around widespread MFA adoption. The data supports this, as:

147,000 token replay attacks were detected by Microsoft in 2023, a 111% increase year-over-year (Microsoft). 
Attacks on session cookies now happen in the same order of magnitude as password-based attacks (Google).

But session hijacking isn’t a new technique – so Attackers are increasingly turning to session hijacking to get around widespread MFA adoption. The data supports this, as:

147,000 token replay attacks were detected by Microsoft in 2023, a 111% increase year-over-year (Microsoft). 
Attacks on session cookies now happen in the same order of magnitude as password-based attacks (Google).

But session hijacking isn’t a new technique – so  The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *