How MFA Misconceptions Enable Lateral Movement

Ymir Vigfusson
August 6, 2024

Blog Post

The Unseen Storm: How China’s Typhoon APT Groups Are Setting the Stage for Cyberwarfare

For years, Chinese state-sponsored attackers have moved through the networks of the most critical industries—telecommunications, energy, defense, and government. Not to vandalize, not to ransom, but to wait.

April 17, 2025

Privileged Access Management in Modern Threat Landscapes: Exposing the Gaps Hackers Exploit

PAM helped us limit the scope and timing of access but - like in any arms race - our opposition learned and adapted to a new class of attacks.

Ymir Vigfusson
April 10, 2025

Attacking the Client: MFA Bypass Targeting Workstations

Cybercriminals are relentless and resourceful in their pursuit of vulnerabilities, and company employees and contractors often find themselves at the front line.

Ymir Vigfusson
April 2, 2025

Cracking the Foundation: How Attackers Exploit Authentication Infrastructure

Multi-factor authentication (MFA) is a critical line of defense in cybersecurity, but the trust we place in its underlying infrastructure can be exploited.

Ymir Vigfusson
March 27, 2025

Skjaldtorg: Iceland’s Cybersecurity Meetup Nov24

It’s time for our second informal Icelandic forum for cybersecurity. Skjaldtorg: Iceland’s Cybersecurity Meetup, aimed at professionals responsible for cybersecurity within their organizations.

Ymir Vigfusson
November 25, 2024

Hacking Humans – An MFA Challenge

Multi-factor authentication (MFA) has long been seen as a strong defense against unauthorized access.

Ymir Vigfusson
September 10, 2024

Skjaldtorg: Iceland’s Cybersecurity Meetup

It’s time for an informal Icelandic forum for cybersecurity. We are pleased to announce Skjaldtorg: Iceland’s Cybersecurity Meetup, aimed at professionals responsible for cybersecurity within their organizations.

Ymir Vigfusson
August 26, 2024

Bypassing MFA: Understanding the 3 Categories of Bypass Techniques

Multi-factor authentication (MFA) is viewed as a key component of modern cybersecurity, but it’s far from invincible.

Ymir Vigfusson
August 20, 2024

How MFA Misconceptions Enable Lateral Movement

For all its merits, over reliance on Multi-Factor Authentication (MFA) has become a real security problem.

Ymir Vigfusson
August 6, 2024

Keystrike is Now SOC 2 Compliant

At Keystrike nothing is more important to us than customer success, and success is built upon trust.

Ymir Vigfusson
June 4, 2024

How Lateral Movement Happens: A Step-by-Step Breakdown

Lateral movement is a stealthy and dangerous technique employed by cybercriminals to infiltrate and exploit secure networks.

Ymir Vigfusson
April 25, 2024

Social Engineering vs Phishing: Understanding the Differences

Cybercriminals employ various methods and techniques to exploit vulnerabilities and gain unauthorized access to sensitive information.

Árni Thor Árnason
April 16, 2024

Addressing Unmanageable Vulnerabilities in Remote Desktop Protocol: What’s the Next Step?

Remote desktop protocol (RDP) has become an integral part of modern computing. It allows users to connect to and control remote computers, providing seamless access to resources and applications.

Ymir Vigfusson
April 7, 2024

How Hackers Use MFA Fatigue to Achieve Social Engineering

Cyber threats are becoming increasingly sophisticated, and one of the methods employed to achieve social engineering is through exploiting MFA (Multi-Factor Authentication) fatigue.

Árni Thor Árnason
March 21, 2024

Reverse Social Engineering: Preying On Role Reversal

The commonly known term social engineering refers to the act of manipulating people to gain access to confidential information or to influence their behavior.

Ymir Vigfusson
March 18, 2024

Zero Trust: How Organizations Can Implement Secure Networks

Cyber threats are becoming increasingly sophisticated, organizations need to adopt a proactive approach to network security.

Ymir Vigfusson
March 8, 2024

What is MFA Fatigue?

MFA, or Multi-Factor Authentication, has become an integral part of our digital lives. It provides an added layer of security, requiring users to go through multiple steps to verify their identities.

Árni Thor Árnason
March 6, 2024

How You Can Protect Your Organization From Social Engineering

Protecting yourself from social engineering is more crucial than ever. Social engineering is a form of manipulation used by cyber attackers to exploit human psychology and gain unauthorized access to personal information or sensitive data.

Ymir Vigfusson
March 4, 2024

What To Do About Cloud Data Loss Prevention

In today’s digital era, cloud technology has become an essential part of businesses. It allows organizations to store and access their data remotely, providing convenience and flexibility.

Árni Thor Árnason
February 29, 2024

What Do Virtually All Phishing Emails Have in Common?

Phishing emails have become a common and persistent threat in today’s digital world. While they may vary in their approach and techniques.

Ymir Vigfusson
February 27, 2024

Mitigating the Man-in-the-Middle Weakness in Remote Desktop Protocol Servers

Remote Desktop Protocol (RDP) servers have become increasingly popular for remote access to computers and networks.

Árni S. Pétursson
February 26, 2024

How Do Spear Phishing Attacks Differ from Standard Phishing Attacks?

Phishing attacks have become an all too familiar threat in today’s digital world. In recent years, however, a new breed of cyber attack has emerged, known as spear phishing.

Ymir Vigfusson
February 17, 2024

What is Continuous Authentication, Really?

Traditional methods of authentication are no longer sufficient. Hackers have become adept at exploiting vulnerabilities in static password-based systems, leaving users and their valuable data at risk.

Ymir Vigfusson
February 14, 2024

10 Essential Data Loss Prevention Rules for Protecting Your Business

From customer information to valuable corporate secrets, data plays a critical role in the success of organizations across industries.

Árni Thor Árnason
February 13, 2024

How To Fix Compliance Gaps In Endpoint Security And Access Controls

Stop stealthy hackers where other security systems can’t

Ymir Vigfusson
February 12, 2024

What Is Remote Desktop Protocol? A Guide to Understanding the Compromise

Remote Desktop Protocol (RDP) is a technology that allows users to connect to a remote computer and access its graphical interface from another device.

Árni Thor Árnason
February 12, 2024

Continuous Authentication Under the Zero Trust Ethic

Security breaches and data compromises are all too common today, especially in the corporate sphere, where system compromises are 100% unacceptable.

Ymir Vigfusson
February 9, 2024

How to Prevent Data Loss: A Guide to Avoiding Data-Loss-Induced Nausea

Data loss is a looming threat that can have serious consequences for individuals and businesses alike. Whether it’s important documents, sensitive company information, or even personal photographs.

Árni Thor Árnason
February 8, 2024

Remote Desktop Protocol Vulnerabilities: A Critical Analysis

Remote Desktop Protocol (RDP) has become an essential tool for remote access to computers and servers.

Árni Thor Árnason
February 6, 2024

What Is a Common Indicator of a Phishing Attempt?

Phishing attempts are a prevalent form of cybercrime that often go undetected until it’s too late. In order to protect yourself and your sensitive information.

Ymir Vigfusson
February 5, 2024

Data Loss Prevention Best Practices: Safeguarding Your Most Vital Assets

Data is the lifeblood, the thumbprint, the essential organs of your organization. It’s what differentiates you from competitors.

Árni Thor Árnason
September 28, 2023

What Helps Protect Against Spear Phishing?

When it comes to protecting critical systems, few adversaries are as cunning as spear phishers.

Ymir Vigfusson
September 21, 2023

Deploy Keystrike in 20 Minutes

Try Keystrike in Your Environment for 30 Days

Sign Up Now
Get Started
© 2025 Keystrike.com