Duo's Security Blog

JUNE 8, 2023

Some of it is positive, but the general consensus is that people don’t love multi-factor authentication (MFA); they see it as a necessary evil at best. That’s why I’m so excited to announce our vision to streamline Duo’s authentication workflows, a feature that will deliver seamless, secure login experiences.

Authentication 136

Authentication VPN System Administration Engineering 136

Security Affairs

AUGUST 22, 2023

The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data. The group now is targeting Cisco VPN products to gain initial access to corporate networks. Sophos researchers observed in May the threat actor using compromised Cisco VPN accounts to breach target networks.

VPN 89

VPN Ransomware Hacking Education 89

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x, The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure. x) and Ivanti Policy Secure.

VPN 92

VPN Malware Authentication Small Business 92

IT Security Guru

OCTOBER 26, 2023

Enter Two-Factor Authentication, or 2FA for short. Then, your account will ask for a secondary code, usually sent via SMS to your phone. Go to your account settings and look for the security section. Always use VPN for your safety to protect your data from prying eyes. Can I use 2FA for all my online accounts?

Authentication 115

Authentication Passwords Mobile VPN 115

The Last Watchdog

NOVEMBER 11, 2020

As a tradeoff for enjoying our digital lives, we’ve learned to live with password overload and even tolerate two-factor authentication. I had a chance to discuss this seminal transition with George Avetisov, co-founder and chief executive officer of HYPR , a Manhattan-based supplier of advanced authentication technologies.

Authentication 153

Authentication VPN Passwords Hacking 153

Security Affairs

FEBRUARY 1, 2024

The government experts also ordered to monitor the authentication or identity management services that could be exposed and urged to isolate the systems from any enterprise resources to the greatest degree possible. CISA also warned to continue to audit privilege-level access accounts. The flaw CVE-2023-46805 (CVSS score 8.2)

VPN 104

VPN Authentication Software Malware 104

Cisco Security

AUGUST 24, 2023

Cisco is aware of reports that Akira ransomware threat actors have been targeting Cisco VPNs that are not configured for multi-factor authentication to infiltrate organizations, and we have observed instances where threat actors appear to be targeting organizations that do not configure multi-factor authentication for their VPN users.

Authentication 60

Authentication Ransomware VPN Passwords 60

Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services. This method poses a risk of exposing sensitive data or enabling fraudulent activities.

VPN 111

VPN Accountability Firewall Data breaches 111

Security Affairs

AUGUST 5, 2020

ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. ZDNet has reported in exclusive that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum.

VPN 136

VPN Passwords Banking Advertising 136

Security Affairs

SEPTEMBER 25, 2022

Threat actors target GitHub users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. GitHub is warning of an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform.

Accountability 106

Accountability Phishing Authentication Passwords 106

Security Affairs

FEBRUARY 16, 2024

CISA revealed that threat actors breached an unnamed state government organization via an administrator account belonging to a former employee. CISA and MS-ISAC assessed that the threat actor connected to the VM through the victim’s VPN with the intent to blend in with legitimate traffic to evade detection.”

Government 132

Government VPN Accountability Authentication 132

Security Affairs

JUNE 24, 2021

Networking equipment giant Zyxel warns customers of a series of attacks that have been targeting some of its enterprise firewall and VPN devices. Networking equipment vendor Zyxel warned its customers of a series of attacks that have been targeting some of its enterprise firewall and VPN server solutions. Pierluigi Paganini.

VPN 112

VPN Firewall Firmware Authentication 112

Security Affairs

SEPTEMBER 8, 2023

An unauthenticated, remote attacker can exploit the vulnerability to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. ” reads the advisory published by the IT giant. or earlier).

Ransomware 136

Ransomware VPN Authentication Hacking 136

Thales Cloud Protection & Licensing

OCTOBER 28, 2021

Trick or Treat: The Choice is Yours with Multifactor Authentication. Whether you want the ‘trick’ of a malevolent threat actor infiltrating your network by exploiting a compromised password or the ‘treat’ from the peace of mind associated with multifactor authentication, the choice is yours. Fri, 10/29/2021 - 05:29. Colonial Pipeline.

Authentication 71

Authentication VPN Passwords Accountability 71

Security Affairs

APRIL 20, 2021

At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. ” reads the report published by FireEye. ” continues the report.

VPN 115

VPN Hacking Authentication Government 115

Duo's Security Blog

JUNE 22, 2022

Nevertheless, VPN-less solutions are gaining momentum due to their benefits over traditional VPNs. However, adoption of a VPN-less secure remote access solution varies by industry, an organization’s knowledge, skills, and comfort level with configuring and managing the solution, and cultural factors including executive buy-in.

VPN 92

VPN Architecture Authentication Cyber threats 92

Security Affairs

NOVEMBER 29, 2022

In early October, Fortinet addressed the critical authentication bypass flaw, tracked as CVE-2022-40684, that impacted FortiGate firewalls and FortiProxy web proxies. On October 18, Fortinet confirmed the critical authentication bypass vulnerability is being exploited in the wild. ” concludes the post. Pierluigi Paganini.

VPN 100

VPN Firewall Authentication Internet 100

Security Affairs

OCTOBER 20, 2021

a demo for anti-virus software, VPN, music players, photo editing or online games) to hijack the channel of YouTube creators. The researchers identified around 15,000 actor accounts, most of which were created for this campaign. Below are the job descriptions used to recruit the hackers. Pierluigi Paganini.

Accountability 127

Accountability Malware Phishing Social Engineering 127

Krebs on Security

AUGUST 21, 2020

The advisory came less than 24 hours after KrebsOnSecurity published an in-depth look at a crime group offering a service that people can hire to steal VPN credentials and other sensitive data from employees working remotely during the Coronavirus pandemic. authenticate the phone call before sensitive information can be discussed.

VPN 359

VPN Social Engineering Authentication Engineering 359

Malwarebytes

JULY 1, 2021

SMS authentication codes are back in the news, and the word I’d use to summarise their reappearance is “embattled.” ” I can still remember a time where two-factor authentication (2FA), authentication grids, regional lockouts, Yubikeys, and offline authentication apps simply did not exist.

Authentication 97

Authentication Phishing Passwords Mobile 97

Dark Reading

JUNE 8, 2021

No multi-factor authentication was attached to the stolen VPN password used by the attackers, Colonial Pipeline president & CEO Joseph Blount told a Senate committee today.

VPN 44

VPN Accountability Authentication Passwords 44

Krebs on Security

NOVEMBER 21, 2020

And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. “This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. . 2019 that wasn’t discovered until April 2020.

Cryptocurrency 363

Cryptocurrency VPN Scams Social Engineering 363

Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. The employee phishing page bofaticket[.]com. Image: urlscan.io. ” SPEAR VISHING.

Phishing 357

Phishing VPN Social Engineering Media 357

Security Affairs

FEBRUARY 12, 2024

They might even lock you out of your own accounts by resetting your passwords. Avoid entering any data if you see a warning message about a site’s authenticity. Also, consider using a Virtual Private Network (VPN) to encrypt your data and make it unreadable to hackers.

DNS 125

DNS VPN Encryption Passwords 125

Security Affairs

JANUARY 19, 2021

The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts. ” Once gained access to the network, crooks expand their network access, for example, escalating privileges of the compromised employees’ accounts. Pierluigi Paganini.

Accountability 102

Accountability VPN Social Engineering Phishing 102

The Last Watchdog

MARCH 6, 2021

It is essential to ensure that all accounts are protected with strong passwords. To this day, a significant amount of people still use the password across multiple accounts, which makes it much simpler for a cybercriminal to compromise a password and take over accounts. Set-up 2-factor authentication.

VPN 214

VPN Firewall Antivirus Passwords 214

Krebs on Security

JULY 10, 2022

Twice in the past month KrebsOnSecurity has heard from readers who’ve had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts.

Accountability 315

Accountability Passwords Authentication Password Management 315

CyberSecurity Insiders

MAY 4, 2023

Also, use different passwords for different online accounts. 2. Enable Two-Factor Authentication: Two-factor authentication is an extra layer of secu-rity that requires you to enter a code sent to your phone or email, in addition to your password. If you must use public Wi-Fi, use a VPN to encrypt your traffic.

VPN 106

VPN Passwords Scams Accountability 106

CSO Magazine

JUNE 23, 2021

With the recent Colonial Pipeline attack , the initial infection point was reportedly an old, unused, but still open VPN account. The VPN account did not have two-factor authentication ( 2FA ) enabled, allowing the attacker to merely log in. To read this article in full, please click here (Insider Story)

VPN 117

VPN Accountability Phishing Authentication 117

Malwarebytes

FEBRUARY 7, 2024

I reached out to the person that owns the account to find out if he knew how his account got compromised. These apps would then spread further from the compromised user account. The script on that site looks at your IP address, your type of machine and whether you are using a VPN. Click your profile picture.

Scams 133

Scams Passwords Identity Theft Accountability 133

CyberSecurity Insiders

JUNE 5, 2023

Use Strong and Unique Passwords : One of the most basic yet critical steps is to create strong, unique passwords for your online accounts. Additionally, employ a password manager to securely store and generate unique passwords for each account. Avoid using common phrases or personal information that can be easily guessed.

Passwords 126

Passwords Encryption Media Banking 126

Security Affairs

AUGUST 10, 2022

The investigation conducted by Cisco Security Incident Response (CSIRT) and Cisco Talos revealed that threat actors compromised a Cisco employee’s credentials after they gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized. ” reads the analysis published by Cisco Talos.

Ransomware 126

Ransomware Hacking VPN Phishing 126

Krebs on Security

JUNE 15, 2023

The directive applies to any networking devices — such as firewalls, routers and load balancers — that allow remote authentication or administration. The researchers found that just being able to reach the management interface for a vulnerable Fortinet SSL VPN appliance was enough to completely compromise the devices.

Risk 213

Risk VPN Internet Internet 213

Heimadal Security

OCTOBER 14, 2022

MFA, or multi-factor authentication, is a security technique that requires users to verify their identities by offering multiple forms of identification before being granted access to a resource such as an application, online account, website, or VPN.

VPN 97

VPN Authentication Passwords Accountability 97

Heimadal Security

SEPTEMBER 13, 2022

The American technology giant, Cisco, confirmed that the data leaked by Yanluowang ransomware gang on September 11, 2022, is authentic. The company’s network has been breached through the VPN account of an employee. The data now released on the dark web was stolen in a cyberattack in May, this year.

Ransomware 93

Ransomware VPN Authentication Accountability 93

Malwarebytes

AUGUST 28, 2023

The Cisco Product Security Incident Response Team (PSIRT) has posted a blog about Akira ransomware targeting VPNs without Multi-Factor Authentication (MFA). The Cisco team states that it is aware of reports of the Akira ransomware group going specifically after Cisco VPNs that are not configured for MFA.

Ransomware 82

Ransomware VPN Passwords Backups 82

Krebs on Security

FEBRUARY 26, 2023

The general manager of Escrow.com found himself on the phone with one of the GoDaddy hackers, after someone who claimed they worked at GoDaddy called and said they needed him to authorize some changes to the account. “He was literally reading off the tickets to the notes of the admin panel inside GoDaddy.”

Hacking 268

Hacking Social Engineering Phishing Scams 268