Skip to content

<<< Hide Navigation Hide TOC >>>

Potential MFA Bypass Using Legacy Client Authentication (53bb4f7f-48a8-4475-ac30-5a82ddfdf6fc)

Detects successful authentication from potential clients using legacy authentication via user agent strings. This could be a sign of MFA bypass using a password spray attack.

Galaxy ColorsAttack Pat...Sigma-Rule...
Rows: 3
Collapse filters
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.2

https://www.tablefilter.com/
©2015-2025 Max Guglielmi
?
Cluster A Galaxy A Cluster B Galaxy B Level
Brute Force - T1110 (a93494bb-4b80-4ea1-8695-3236a49916fd) Attack Pattern Potential MFA Bypass Using Legacy Client Authentication (53bb4f7f-48a8-4475-ac30-5a82ddfdf6fc) Sigma-Rules 1
Cloud Accounts - T1078.004 (f232fa7a-025c-4d43-abc7-318e81a73d65) Attack Pattern Potential MFA Bypass Using Legacy Client Authentication (53bb4f7f-48a8-4475-ac30-5a82ddfdf6fc) Sigma-Rules 1
Valid Accounts - T1078 (b17a1a56-e99c-403c-8948-561df0cffe81) Attack Pattern Cloud Accounts - T1078.004 (f232fa7a-025c-4d43-abc7-318e81a73d65) Attack Pattern 2