CyberArk has pinpointed four main attack vectors used by threat actors to circumvent MFA controls. The rate of compromise of accounts using any type of MFA is less than 0.1% of the general population. Most enterprise Microsoft 365 administrators do not have MFA activated, CoreView found. MFA needs to be considered in the context of multi-layered Identity Security controls, including strong privileged access controls like session isolation and credential management. You are only as secure as your weakest link, says CyberArk’s Shay Nahari.
Source: https://www.helpnetsecurity.com/2021/06/09/mfa-bypass-attacks/