The Texas General Land Office (GLO) security team will provide an over of AitM (Adversary in the Middle) attacks. AitM attacks are able to evade MFA protections and steal the victim’s session cookie; attackers use the session cookie to gain access to victim accounts. The presentation structure is as follows:
- AitM attack overview
- Discuss AitM attack that targeted the GLO
- We setup a simulated attack and walk you through the attacker/victim perspectives.
- Incident response
- Recommendations to reduce attack risk
Presenters: Juan Sanchez and Arturo Montalvo from the General Land Office