Root Causes 214: New DUO MFA Flaw Explained

05/04/2022 11 min

Listen "Root Causes 214: New DUO MFA Flaw Explained"

Descargar episodio Ver en sitio original

Episode Synopsis

A recent FBI warning cautions organizations about exploits based on misconfigured DUO MFA, which exploits weaknesses in Active Directory to provision credentials on DUO for malicious parties. This is an unusual story in several ways, including the fact that the exploit is based on a configuration error and that it's specific to a single, popular SaaS offering. Our hosts explain this exploit and why it is noteworthy.

More episodes of the podcast Root Causes: A PKI and Security Podcast

Root Causes 546: New Research Codifies Arguments for and Against QWACs 12/11/2025

Root Causes 545: What Is MOSH? 10/11/2025

Root Causes 544: What Is Chain of Lure? 05/11/2025

Root Causes 543: AI Finds a Zero Day 05/11/2025

Root Causes 542: Use Cases for HQC 02/11/2025

Root Causes 541: Introducing the HQC PQC Algorithm 31/10/2025

Root Causes 540: Contextual CBOM 27/10/2025

Root Causes 539: What Is the Two-QWAC Architecture? 22/10/2025

Root Causes 538: What Is an Entropy Desert? 20/10/2025

Root Causes 537: The Thermodynamics of Privacy 17/10/2025

Ver todos los episodios

ZARZA We are Zarza, the prestigious firm behind major projects in information technology.

Root Causes 214: New DUO MFA Flaw Explained

Listen "Root Causes 214: New DUO MFA Flaw Explained"

Episode Synopsis

More episodes of the podcast Root Causes: A PKI and Security Podcast

Deep web or Invisible Internet

Preparing for a Hacker Threat

Bandwidth: Broadband or Narrowband?

Personnel recruitment via Web

Deep web or Invisible Internet

Subdomains, a glance with the experts!

Free Internet, a prediction in Nostradamus style

Educational Technology: From traditional to digital

Localhost, there’s no place like 127.0.0.1

Googling with breathtaking tricks you ignore

Internet Predators on the prowl

Gray Hat Hacking, those with ambiguous ethics…

Dot COM: The Internet’s dominant TLD