<<< Hide Navigation Hide TOC >>>
Potential MFA Bypass Using Legacy Client Authentication (53bb4f7f-48a8-4475-ac30-5a82ddfdf6fc)
Detects successful authentication from potential clients using legacy authentication via user agent strings. This could be a sign of MFA bypass using a password spray attack.
Cluster A![]() |
Galaxy A![]() |
Cluster B![]() |
Galaxy B![]() |
Level![]() |
---|---|---|---|---|
Brute Force - T1110 (a93494bb-4b80-4ea1-8695-3236a49916fd) | Attack Pattern | Potential MFA Bypass Using Legacy Client Authentication (53bb4f7f-48a8-4475-ac30-5a82ddfdf6fc) | Sigma-Rules | 1 |
Cloud Accounts - T1078.004 (f232fa7a-025c-4d43-abc7-318e81a73d65) | Attack Pattern | Potential MFA Bypass Using Legacy Client Authentication (53bb4f7f-48a8-4475-ac30-5a82ddfdf6fc) | Sigma-Rules | 1 |
Valid Accounts - T1078 (b17a1a56-e99c-403c-8948-561df0cffe81) | Attack Pattern | Cloud Accounts - T1078.004 (f232fa7a-025c-4d43-abc7-318e81a73d65) | Attack Pattern | 2 |