Duo's Security Blog

DECEMBER 21, 2021

The Remote Desktop Protocol (RDP) feature for the Duo Network Gateway prompts users to authenticate only when necessary, instead of first having them try and fail, forcing them to try again after logging into the company’s virtual private network (VPN). Otherwise, the DNG stays out of the way.

VPN 97

VPN Authentication DNS Architecture 97

Security Boulevard

APRIL 27, 2022

Risky Behavior: VPN Providers Installing Root Certificates Without User Consent. Some VPN apps automatically install self-signed trusted root certificates without informed user consent, says cybersecurity research firm AppEsteem. “We brooke.crothers. Wed, 04/27/2022 - 16:21. And this can lead to security holes. Users not informed.

VPN 52

VPN Encryption Risk Authentication 52

Security Affairs

APRIL 28, 2023

through 4.73, VPN series firmware versions 4.60 The company also fixed a high-severity post-authentication command injection issue ( CVE-2023-27991 , CVSS score: 8.8) through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, USG20(W)-VPN firmware versions 4.16

Firewall 94

Firewall Firmware VPN Authentication 94

Heimadal Security

OCTOBER 14, 2022

MFA, or multi-factor authentication, is a security technique that requires users to verify their identities by offering multiple forms of identification before being granted access to a resource such as an application, online account, website, or VPN. appeared first on Heimdal Security Blog.

VPN 97

VPN Authentication Passwords Accountability 97

Krebs on Security

NOVEMBER 21, 2020

. “A domain hosting provider ‘GoDaddy’ that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor,” Liquid CEO Kayamori said in a blog post. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times.

Cryptocurrency 363

Cryptocurrency VPN Scams Social Engineering 363

Heimadal Security

SEPTEMBER 13, 2022

The American technology giant, Cisco, confirmed that the data leaked by Yanluowang ransomware gang on September 11, 2022, is authentic. The company’s network has been breached through the VPN account of an employee. The post Yanluowang Ransomware Gang Leaked Cisco Stolen Data appeared first on Heimdal Security Blog.

Ransomware 93

Ransomware VPN Authentication Accountability 93

Security Affairs

MAY 26, 2022

CVE-2022-26531 : Multiple improper input validation flaws were identified in some CLI commands of some firewall, AP controller, and AP versions that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload. To nominate, please visit:?. Follow me on Twitter: @securityaffairs and Facebook.

Firewall 123

Firewall VPN Authentication Cyber Attacks 123

Troy Hunt

APRIL 6, 2020

That email would have been a reply to one you originally sent to me that would have sounded something like this: Hi, I came across your blog on [thing] and I must admit, it was really nicely written. I also have an article on [thing] and I think it would be a great addition to your blog. On a popular blog. Just the title.

Advertising 296

Advertising VPN Internet Internet 296

eSecurity Planet

MARCH 11, 2024

March 4, 2024 JetBrains Server Issues Continue with New Vulnerabilities Type of vulnerability: Authentication bypass. The problem: Two authentication bypass vulnerabilities, CVE-2024-27198 and CVE-2024-27199 , allow unauthenticated attackers to exploit JetBrains TeamCity servers. The fix: Deploy JetBrains TeamCity version 2023.11.4

Authentication 102

Authentication Software VPN Security Defenses 102

Malwarebytes

AUGUST 28, 2023

The Cisco Product Security Incident Response Team (PSIRT) has posted a blog about Akira ransomware targeting VPNs without Multi-Factor Authentication (MFA). The Cisco team states that it is aware of reports of the Akira ransomware group going specifically after Cisco VPNs that are not configured for MFA.

Ransomware 82

Ransomware VPN Passwords Backups 82

Webroot

APRIL 2, 2024

It underscores the necessity for robust password policies and advanced security measures like Multi-Factor Authentication (MFA) and encryption methods resilient against GPU-powered attacks. VPN Usage: Restrict RDP access to users connected through a Virtual Private Network (VPN) , reducing the exposure of RDP to the open internet.

Cybersecurity 83

Cybersecurity Passwords VPN Authentication 83

eSecurity Planet

FEBRUARY 12, 2024

February 5, 2024 JetBrains TeamCity Saga Continues with Another Server Vulnerability Type of vulnerability: Authentication bypass by an unauthenticated attacker. Orca Security published a blog post about the vulnerabilities — its researchers discovered and reported the issues in Fall 2023, and Microsoft quickly patched them.

VPN 104

VPN Authentication Software Firewall 104

Security Affairs

APRIL 24, 2023

“With this level of detail, impersonating network or internal hosts would be far simpler for an attacker, especially since the devices often contain VPN credentials or other easily cracked authentication tokens.” ” concludes the report.

Hacking 92

Hacking VPN Marketing Authentication 92

eSecurity Planet

SEPTEMBER 5, 2023

Unpatched devices can give attackers privileged access to networks, particularly those set up as VPN virtual servers, ICA proxies, RDP proxies, or AAA servers. It is suspected that the Akira ransomware organization used an undisclosed weakness in Cisco VPN software to evade authentication.

VPN 96

VPN Authentication Ransomware Antivirus 96

Duo's Security Blog

MAY 13, 2024

Secure authentication isn’t fun, but you put up with it as part of your day because you know it’s keeping you safer. That’s why we’re so excited to bring to market Duo Passport — a new capability that drives secure, seamless access to all the permitted applications with just one interactive authentication.

Authentication 58

Authentication VPN Healthcare Risk 58

Security Affairs

MAY 4, 2023

The threat actors allegedly obtained access to Ukraine’s public networks by using compromised VPN credentials. ” CERT-UA urges Ukrainian critical organizations using multi-factor authentication for VPN accounts, network segmentation and filtering of incoming, outgoing and inter-segment information flows.

VPN 87

VPN Education Accountability Cyber Attacks 87

Javvad Malik

NOVEMBER 11, 2021

Cloud usage has increased, we’ve seen VPN’s crop up everywhere, and the shiny hotness that is MFA (multi factor authentication). At the beginning of lockdown, we saw phishing emails which claimed to be from IT asking unwitting staff to download the latest VPN. Spoiler alert, it wasn’t a VPN.

VPN 100

VPN Authentication Passwords Scams 100

Duo's Security Blog

JANUARY 11, 2023

This means that the DNG now enables users to access on-premises shares, without requiring a full VPN connection. It also eliminates the need for full VPN and avoids exposing those applications directly to the internet. Then it verifies user identity with advanced multi-factor authentication (MFA). What is Duo Network Gateway?

VPN 101

VPN Firewall Authentication Internet 101

Security Affairs

DECEMBER 29, 2022

CVE-2022-27510 flaw is an authentication bypass using an alternate path or channel. The vendor pointed out that only appliances that are operating as a Gateway (appliances using the SSL VPN functionality or deployed as an ICA proxy with authentication enabled) are impacted. .

VPN 95

VPN Internet Internet Authentication 95

Webroot

FEBRUARY 26, 2024

Safeguard your privacy with a trustworthy VPN In the digital-verse, protecting your online privacy is paramount, like guarding the secret recipe to your grandma’s famous carrot cake. That’s where a virtual private network (VPN) swoops in like a digital superhero to save the day. Stay safe out there!

Scams 99

Scams VPN Passwords Phishing 99

Duo's Security Blog

MARCH 25, 2022

Problem: The Traditional VPN Is No Longer Enough Since the 1990s, virtual private networks (VPNs) have been well-suited for the purpose they were built for – to grant employees temporary access to corporate networks and resources when they weren't logging in from an office.

VPN 98

VPN Architecture Authentication Software 98

Security Affairs

APRIL 23, 2022

The VPN credentials for initial access are said to have been obtained from illicit websites like Russian Market with the goal of gaining control of T-Mobile employee accounts, ultimately allowing the threat actor to carry out SIM swapping attacks at will. ” wrote Krebs. – Source KrebsOnSecurity. “Our To nominate, please visit:?

Mobile 97

Mobile VPN Social Engineering Telecommunications 97

Webroot

OCTOBER 22, 2021

The most popular options include virtual private network (VPN) or remote desktop protocol (RDP). VPN works by initiating a secure connection over the internet through data encryption. One downside of using a VPN connection involves vulnerability. One downside of using a VPN connection involves vulnerability.

VPN 111

VPN Penetration Testing Education Security Awareness 111

eSecurity Planet

MARCH 19, 2024

The problem: The FortiOS SSL VPN feature vulnerability, CVE-2024-21762, disclosed February 8th , remains exposed to attack on nearly 150,000 devices according to the ShadowServer Foundation website. The fix: Fortinet advised users to disable SSL VPN until their FortiOS and FortiProxy deployments can be upgraded.

Authentication 102

Authentication VPN Software DDOS 102

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting. Enforce MFA on all VPN connections [ D3-MFA ].

Telecommunications 96

Telecommunications Authentication Passwords Accountability 96

Security Affairs

APRIL 19, 2022

UPnP is an insecure protocol, it uses network UDP multicasts, and doesn’t support encryption and authentication. ” The vendor also recommends enabling the VPN server function on the user router to access QNAP NAS from the Internet. To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook.

VPN 103

VPN Internet Internet Firewall 103

Duo's Security Blog

AUGUST 22, 2022

In 2017, New York Department of Financial Services (NYDFS) passed cybersecurity regulation 23 NYCRR 500, requiring all financial services companies to implement multi-factor authentication (MFA). Remote Access Application Coverage: Many companies rely on a virtual private network (VPN) to access sensitive company information.

Cybersecurity 98

Cybersecurity Financial Services VPN Technology 98

Security Affairs

MAY 9, 2022

The Jester stealer is able to steal credentials and authentication tokens from Internet browsers, MAIL/FTP / VPN clients, cryptocurrency wallets, password managers, messengers, game programs, and more. To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Password Management 85

Password Management VPN Cryptocurrency Government 85

Duo's Security Blog

MARCH 30, 2023

In our last Universal Prompt blog we focused on a few of the security benefits that using it provides. In this blog we’ll get into more of the user experience benefits. Improved User Experience – The Universal Prompt is a major redesign with new styling and a workflow-based authentication experience.

Authentication 53

Authentication Software Risk VPN 53

eSecurity Planet

MARCH 16, 2023

. “An attacker who successfully exploited this vulnerability could access a user’s Net-NTLMv2 hash which could be used as a basis of an NTLM Relay attack against another service to authenticate as the user,” the company wrote. This will prevent the sending of NTLM authentication messages to remote file shares.

Energy and Utilities 92

Energy and Utilities Authentication Firewall Engineering 92

Security Affairs

MAY 5, 2023

“An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.” The CVE-2023-27999 flaw (CVSS score 7.6) ” reads the advisory published by Fortinet.

VPN 93

VPN Authentication Hacking Cybersecurity 93

Security Affairs

APRIL 8, 2022

Authentication. Two-factor authentication is another important security measure for the cloud era. Increasingly, passwordless authentication is becoming the norm. When you access the internet through a VPN, your data is encrypted and routed through a secure tunnel. Use a reputable cloud service provider.

Cybersecurity 102

Cybersecurity Passwords Penetration Testing Encryption 102

Duo's Security Blog

JUNE 2, 2021

This report Bridging Healthcare Security Gaps: Better Authentication Improves Controls aims to bring clarity and solutions to these security gaps. In this report you will learn: About zero trust and how multi-factor authentication meets the HIPPA requirements for a third factor of authentication.

Healthcare 100

Healthcare CISO Authentication VPN 100

Duo's Security Blog

AUGUST 25, 2022

We’re excited to announce early access release of the Verified Duo Push, which will increase the security of our push-based multi-factor authentication (MFA) solution. With modern phishing-resistant authentication methods, we need to ensure that organizations continue to have the best security around push-based MFA.

Authentication 64

Authentication Mobile VPN Threat Detection 64

Duo's Security Blog

MAY 11, 2022

And certain VPN clients or remote access agents perform posture checks to enforce device-based access policies. But organizations are moving their applications to the cloud, allowing BYOD and contractor devices for work, and reducing their reliance on VPN for remote access.

VPN 75

VPN Firewall System Administration Encryption 75

Pen Test Partners

FEBRUARY 14, 2024

October 2023’s Cyber Security Awareness Month led to a flurry of blog posts about a new attack called Quishing (QR Code phishing) and how new AI powered email gateways can potentially block these attacks. Consider your VPN solution, many have moved to using M365 authentication to protect this. What’s the attack?

Phishing 66

Phishing Mobile Social Engineering Data breaches 66

Security Affairs

MAY 11, 2023

Once an email address is discovered on the dark web, Google will urge users to enable two-step authentication (2FA) to protect their Google accounts. Google also announced the availability of VPN access for all Google One plans. The upcoming feature will be also extended to users from select international markets. We are in the final!

Marketing 94

Marketing Accountability VPN Data breaches 94