New attack tactics look to bypass MFA and target security blindspots

No Comments
Multifactor authentication

A new report from AI-powered managed extended detection and response company Ontinue shows a sharp rise in MFA-bypassing identity attacks in the first half of the year.

These attacks are using token replay abuse with roughly 20 percent of live incidents involving adversaries reusing stolen refresh tokens to bypass MFA, even after password resets.

The findings also reveal that while ransomware remains one of the most disruptive threats, adversaries are increasingly focused on identity-based attacks in the cloud, persistence in Azure environments, and even ‘back to basics. tactics like USB-delivered malware.

Over 70 percent of attachments found bypassing secure email gateways were formats like SVG or IMG, not traditional Office documents. Ontinue has also observed a 27 percent increase in USB-borne malware compared to late 2024, reinforcing the ongoing risk of removable media. A 2024 Honeywell study showed 51 percent of USB-based threats could cause major disruption in enterprise and industrial environments.

Third-party risk remains a major issue too, nearly 30 percent of incidents were linked to vendor compromise, including supply chain attacks targeting retailers and manufacturers.

“Cybercriminals are operating with the speed and adaptability of modern businesses. They pivot, rebrand, and retool in weeks, not months,” says Craig Jones, chief security officer at Ontinue. “In the first half of 2025, we’ve seen ransomware operators overcome takedowns, PhaaS services scale globally, and state-aligned actors target the private sector with increasing precision. Organizations can’t afford to approach security as a static project, it’s a continuous, intelligence-led process.”

You can get the full report, which also outlines practical defensive measures, including phishing-resistant MFA, hardened endpoint configurations, and robust vendor risk management, from the Ontinue site.

Image credit: Jirsak/depositphotos

Tags: , , , ,
No Comments
Got News? Contact Us

Recent Headlines

New attack tactics look to bypass MFA and target security blindspots

Hardware vulnerabilities soar amid spread of IoT devices

Phishing is now the main entry point for ransomware

Meta reminds the world about Facebook Dating by launching new features

Grindr forces its own brand of AI on angry users

Windows 11 will let you use video wallpapers – here’s how to do it now

MX Linux 25 beta arrives with Debian 13 base and updated desktops

Most Commented Stories

This updated Windows 11 clone is Linux underneath and makes your old PC run faster -- get it now

18 Comments

As Windows 10 reaches end of life, Windows 11 is LOSING market share

16 Comments

The brilliant Windows 12 is everything Windows 11 isn't -- and the Microsoft OS we deserve

11 Comments

With Windows 10 support ending soon, Zorin OS 18 Beta arrives as the ultimate alternative to Windows 11

10 Comments

Age verification laws are killing web traffic

9 Comments

Forget Tiny11, Nano11 takes Windows 11 debloating to the next level

9 Comments

Microsoft is rolling out Windows 11 25H2

5 Comments

Brits warned of scams ahead of emergency alert test

5 Comments

Why Trust Us



At BetaNews.com, we don't just report the news: We live it. Our team of tech-savvy writers is dedicated to bringing you breaking news, in-depth analysis, and trustworthy reviews across the digital landscape.

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.

© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.