Platforms Enterprise It SecurityEnterprise Issue

Identity and MFA abuse to become trusted users and move laterally

April 4, 2026Cisco Talos Intelligence Group, Black Hills Information Security

Cisco Talos and Black Hills Information Security emphasize that attackers increasingly target identity systems and MFA workflows, then maintain persistence through privileged access paths, shifting enterprise defense toward identity hardening and monitoring.

Open in PulseSee the full expert discussion →

QUOTES

When Attackers Become Trusted Users

Targeting identity systems and MFA workflows

Establishing persistent, high-trust access

Using internal phishing to move laterally

Intro to PAMSkeletonKey for Persistence

VOICES

Cisco Talos Intelligence Group

Black Hills Information Security

RELATED TERMS

identity-securitypersistencelateral-movementmfaprivilege escalationlateral movement

OTHER FINDINGS IN PLATFORMS ENTERPRISE IT SECURITY

Claude Code source exposure via npm source map file Claude Code source leak, GitHub DMCA takedowns, and trojanized forks Help desk password reset social engineering bypassing 2FA

AMYGDALA PULSE

See what experts are saying right now

This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new expert voices, debates, and emerging ideas.

Open Cyber Security Pulse Browse all topics

← Back to Cyber Security