Our next chapter meeting is on Wednesday March 19, 2025 at 5:30PM. Please RSVP if you plan on attending!
Defending the Digital Gate: Combating Adversary in The Middle Phishing Attacks with Passkeys and Conditional Access
This presentation will cover some statistics on increased phishing and account takeover activity. Then, we will discuss why traditional multi-factor authentication methods are becoming less effective at preventing these attacks. In doing so, we will cover how token-based OIDC Authentication works and why it’s vulnerable to AITM Attacks. During this, I’ll demo an attack I conducted against my lab environment to compromise a Microsoft User Account. Afterwards, we will discuss FIDO2 Authentication protocols, the use of Passkeys, and how they prevent these attacks. Lastly, we will discuss Microsoft Entra conditional access policy controls and how to use them to prevent these attacks using both passkey-focused and non-passkey-focused controls.
Presenter: Jeremy Rogers is a Senior Security Operations Engineer with Acrisure LLC. After leaving the United States Marine Corps in 2017, he obtained a bachelor’s in information security/cyber assurance and joined Acrisure in 2020. He has almost five years of experience in security architecture, engineering, and incident response, having implemented and managed a wide range of tools, including SIEM, EDR, Email Security, SOAR, and Cloud Security Solutions. Jeremy’s current focus is on implementing phishing-resistant security solutions for Entra ID for an organization of almost 20k employees; as well as the design and implementation of Security Automation solutions.
Schedule: Presentations begin promptly at 5:30 PM; light dinner and refreshments served before the meeting.
Location Information
Northpointe Bank
5303 28th St Ct SE,
Grand Rapids, MI 49546
Special note: The building access has good strong security protocols and all access between lobby and conference room is escorted. Therefore, please be prompt at or before 5:30pm in the lobby. Someone will be waiting in the lobby for everyone to arrive. Text Patti if you are running late @ (616) 340-6119.