While MFA is a crucial security measure, the Feb 21st breach at ByBit/Safe{Wallet} highlights how stolen authenticated sessions can bypass even the best preventive controls. Attackers hijacked AWS session tokens after compromising a developer’s laptop, exploiting elevated access to breach the cloud. This incident emphasizes that prevention alone is not enough, underscoring the need to focus on detecting identity-centric threats post-authentication to prevent the exploitation of authenticated sessions and avoid similar breaches. For more details, visit: https://lnkd.in/eAUHbBSp
Building the security backbone for web3.
2 days ago
Wouldn’t the root cause be the compromised laptop? SAFE has said no EDR was in place. Guessing they also had minimal tech in place to minimize inbound phishes. Seems like investing in both those would have been good ideas too. Calls into question their entire offering. If you aren’t doing the easy things right, you’re definitely not doing the hard things right. Wouldn’t be surprising if their entire platform is a house of cards.