Authentication, Blog, Information Security and Passwords

Removing Passwords, Without Compromising Security

Duo's Security Blog

JANUARY 26, 2024

In today’s complex IT landscape, one of the biggest problems faced by a Chief Information Security Officer (CISO) and their IT security team are forgotten and stolen passwords. On average, employees lose 11 hours per year resetting passwords and an average company spends ~$5M per year on setting and resetting passwords.

Passwords

Passwords Authentication Mobile CISO

Dive in With Duo Passport: A Secure, Seamless Future

Duo's Security Blog

MAY 13, 2024

While our customers love us for our ease of use, flexibility and focus on security, a lot of end users think of Duo the way they think of floss, bike helmets and low-sodium foods. Secure authentication isn’t fun, but you put up with it as part of your day because you know it’s keeping you safer.

Authentication

Authentication VPN Healthcare Risk

The Rise of Passkeys

Duo's Security Blog

FEBRUARY 13, 2024

Then, in turn, they can digitally sign that message and use that secret to set up an encrypted session to send it back and then both parties can communicate bidirectionally securely. So, we began with the use of passwords. Using concepts from Public Key Cryptography WebAuthn was born to verify identity securely.

eCommerce

eCommerce Authentication Encryption Passwords

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

“NETGEAR is aware of multiple security vulnerabilities on the RAX30. These vulnerabilities require an attacker to have your WiFi password or an Ethernet connection to your network to be exploited.” The remaining ones are authentication bypass and command injection flaws. for the RAX30 router family.

Hacking

Hacking Firmware Authentication DNS

WebAuthn, Passwordless and FIDO2 Explained: Fundamental Components of a Passwordless Architecture

Duo's Security Blog

DECEMBER 6, 2022

When someone is told that passwords are going away in favor of a new, “password-less” authentication method, a healthy dose of skepticism is not unwarranted. While this isn’t entirely wrong, passwords are difficult to remember and rarely secure. What is WebAuthn? What is the difference between CTAP1 and CTAP2?

Architecture

Architecture Authentication Passwords Technology

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their owners’ lives. While the default security settings have improved over the review period, some popular brands either offer default passwords or no authentication, meaning anyone can spy on the spies.

Surveillance

Surveillance Manufacturing Passwords Internet

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting. To nominate, please visit:?.

Telecommunications

Telecommunications Authentication Passwords Accountability

SAP April 2023 security updates fix critical vulnerabilities

Security Affairs

APRIL 12, 2023

SAP April 2023 security updates include a total of 24 notes, 19 of which are new vulnerabilities. Once the attacker gained access to BI user’s passwords and depending on the privileges of the BI user, he can perform operations that can completely compromise the application.

Education

Education Media Authentication Passwords

15 Cybersecurity Measures for the Cloud Era

Security Affairs

APRIL 8, 2022

Authentication. Two-factor authentication is another important security measure for the cloud era. This means that in addition to your password, you will also need a second factor, such as a code from a key fob or a fingerprint, to access your data. Increasingly, passwordless authentication is becoming the norm.

Cybersecurity

Cybersecurity Passwords Penetration Testing Encryption

5 API Vulnerabilities That Get Exploited by Criminals

Security Affairs

NOVEMBER 22, 2022

In its API Security Top 10 , the Open Web Application Security Project (OWASP) identifies the top ten threats to APIs. Broken Object Level Authentication (BOLA). APIs with broken object level authentication allow attackers to easily exploit API endpoints by manipulating the ID of an object sent within an API request.

Authentication

Authentication B2B Accountability Digital transformation

Auth bypass flaw in Cisco Wireless LAN Controller Software allows device takeover

Security Affairs

APRIL 15, 2022

A remote, unauthenticated attacker could exploit the flaw to bypass authentication and log in to the device through the management interface. The vulnerability resides in the authentication feature of Cisco Wireless LAN Controller (WLC) Software. ” reads the advisory published by Cisco. or Release 8.10.162.0 Pierluigi Paganini.

Wireless

Wireless Software Authentication Mobile

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

Enforce strong passwords and implement multi-factor authentication (MFA) — by educating users about using a unique password for each account and enforcing higher security for privileged accounts (administrators, root). Therefore, educating your employees about the importance of security to your network is critical.

Cybersecurity

Cybersecurity Cybercrime Education Government

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

Volvo’s retailer exposed its database’s authentication information, including MySQL and Redis database hosts, open ports and credentials. Attackers may have exploited leaked credentials to brute force access to the repository, since they only needed a password, which is faster than guessing both a username and password.

Retail

Retail Manufacturing Passwords Phishing

Personal info of 90k hikers leaked by French tourism company La Malle Postale

Security Affairs

MAY 13, 2023

The leaked information included names, phone numbers, emails, private communication via SMS messages, passwords, and employees’ credentials. Screenshot of leaked customer information Researchers also stumbled upon 70,000 customer credentials. Leaking employee credentials might put the company at risk of targeted cyberattacks.

Passwords

Passwords Identity Theft Scams Social Engineering

Hackers can hack organizations using data found on their discarded enterprise network equipment

Security Affairs

APRIL 24, 2023

“With this level of detail, impersonating network or internal hosts would be far simpler for an attacker, especially since the devices often contain VPN credentials or other easily cracked authentication tokens.” ” concludes the report.

Hacking

Hacking VPN Marketing Authentication

Five Eyes agencies warn of attacks on MSPs

Security Affairs

MAY 12, 2022

Enforce MFA on MSP accounts that access the customer environment and monitor for unexplained failed authentication. Ensure MSP-customer contracts transparently identify ownership of information and communications technology (ICT) security roles and responsibilities. Improve security of vulnerable devices.

Authentication

Authentication Accountability Architecture Backups

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

The Last Watchdog

APRIL 4, 2022

SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. To protect against these attacks, businesses need to implement a wide range of strong API security measures such as authentication, authorization, encryption, and vulnerability scanning.

Hacking

Hacking Penetration Testing Data breaches Authentication

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs

APRIL 25, 2022

Regularly back up data, air gap, and password-protect backup copies offline. Use multifactor authentication where possible. Regularly change passwords to network systems and accounts, and avoid reusing passwords for different accounts. Implement the shortest acceptable timeframe for password changes.

Ransomware

Ransomware Antivirus Passwords Malware

PCI v4 is coming. Are you ready?

Pen Test Partners

SEPTEMBER 13, 2023

Section 3 Sensitive authentication data must now be encrypted or protected if stored before authorization. Section 8 Password strength requirements have increased, moving from a minimum of 7 to 12 alpha and numeric characters. If using just passwords for authentication, service providers must change customer passwords every 90 days.

Authentication

Authentication Passwords Media Encryption

The latest variant of the RapperBot botnet adds cryptojacking capabilities

Security Affairs

MAY 14, 2023

ssh/authorized_keys, anyone with the corresponding private key can authenticate the SSH server without supplying a password. The bot runs a shell command to replace remote victims’ ~/.ssh/authorized_keys ” concludes the report that includes indicators of compromise (IoCs). ” We are in the final!

IoT

IoT Malware Passwords Authentication

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 30, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. For further information, see our blog post: [link] — Security Response (@msftsecresponse) October 29, 2020.

Authentication

Authentication Advertising Architecture Cybercrime

CERT-UA warns of malspam attacks distributing the Jester info stealer

Security Affairs

MAY 9, 2022

The Jester stealer is able to steal credentials and authentication tokens from Internet browsers, MAIL/FTP / VPN clients, cryptocurrency wallets, password managers, messengers, game programs, and more. To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Password Management

Password Management VPN Cryptocurrency Government

Experts devised a new exploit for the PaperCut flaw that can bypass all current detection

Security Affairs

MAY 4, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of SYSTEM. Threat actors can execute arbitrary code on vulnerable servers by providing a malicious username and password during a login attempt.

Education

Education Malware Software Cybersecurity

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

Security Affairs

JULY 13, 2020

Records of 45 Million+ travelers to Thailand and Malaysia Leaked on #Darkweb (Blog Link) [link] #infosec #leaks #CyberSecurity pic.twitter.com/zHOujQ8CMm — Cyble (@AuCyble) July 12, 2020. The huge trove of data was discovered by the researchers during their regular Deepweb and Darkweb monitoring activity.

Mobile

Mobile InfoSec Data breaches Advertising

GhostTouch: how to remotely control touchscreens with EMI

Security Affairs

MAY 27, 2022

We show the real-world impact of the GhostTouch attacks in a few proof-of-concept scenarios, including answering an eavesdropping phone call, pressing the button, swiping up to unlock, and entering a password.” Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Authentication

Authentication Passwords Hacking Software

‘Land Lordz’ Service Powers Airbnb Scams

Krebs on Security

APRIL 14, 2019

The fake site simply forwards all requests on this page to Airbnb.com, and records any usernames and passwords submitted through the site. The price is € 250 + €500 secure deposit. As security deposit needs to be added ,discount needs to be applied please follow the airbnb link” (which goes to the fake Airbnb page).

Scams

Scams Advertising Accountability Phishing

Microsoft wraps SolarWinds probe, nudges companies toward zero trust

SC Magazine

FEBRUARY 19, 2021

The probe also found no evidence of access to Microsoft’s production services or customer data, according to a blog post penned by Vasu Jakkal, Microsoft corporate vice president of security, compliance and identity. Vectra Chief Technology Officer Oliver Tavakoli applauded Microsoft’s endorsement of a zero trust architecture.

Authentication

Authentication Architecture Threat Detection Accountability

Phishers migrate to Telegram

Security Affairs

APRIL 6, 2023

One-time password (OTP) bots. These bots allows phishers to bypass 2FA (two-factor authentication) protections automatically. Phishers provides updates on a regular basis for the phishing tools, anti-detection systems and links generated by the phishing kits.

Phishing

Phishing Scams Social Engineering Banking

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

APRIL 14, 2022

Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. Have a cyber incident response plan, and exercise it regularly with stakeholders in IT, cybersecurity, and operations. Limit ICS/SCADA systems’ network connections to only specifically allowed management and engineering workstations.

Passwords

Passwords Architecture Backups Cyber Attacks

How the FTC’s Amendments to the Safeguards Rule Affects Auto Dealerships

Duo's Security Blog

JUNE 28, 2022

Most importantly, it means they must be in compliance with several new rules to protect consumer information by December 2022. And one of the few security technologies that is specifically called out by the FTC is multi-factor authentication (MFA). How does MFA fit into an information security program?

Authentication

Authentication Financial Services Technology Information Security

Security Affairs newsletter Round 370 by Pierluigi Paganini

Security Affairs

JUNE 20, 2022

Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). To nominate, please visit:?. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Spyware

Spyware DNS Surveillance Ransomware

Microsoft warns of the rise of cryware targeting hot wallets

Security Affairs

MAY 18, 2022

Password and info stealers. Apart from sign-in credentials, system information, and keystrokes, many info stealers are now adding hot wallet data to the list of information they search for and exfiltrate. The post Microsoft warns of the rise of cryware targeting hot wallets appeared first on Security Affairs. Ransomware.

Cryptocurrency

Cryptocurrency Social Engineering Malware Cybercrime

Slickwraps discloses data leak that impacted 850,000 user accounts

Security Affairs

FEBRUARY 24, 2020

.” reads the security update published by the company. The company confirmed that records were accessed by an unauthorized party, but pointed out that exposed data information did not contain passwords or personal financial data. Data belonging to users that checked out as guests were not exposed. .

Accountability

Accountability Data breaches Passwords Advertising

QNAP users are recommended to disable UPnP port forwarding on routers

Security Affairs

APRIL 19, 2022

UPnP is an insecure protocol, it uses network UDP multicasts, and doesn’t support encryption and authentication. Enforce a strong password policy for all NAS users, including the new administrator account you’ve just created. Install QuFirewall on your QNAP NAS and limit allowed IP addresses to a specific region or subnet.

VPN

VPN Internet Internet Firewall

PCI Audit – Checklist & Requirements

Centraleyes

DECEMBER 17, 2023

The 12 technical and operational control requirements of the PCI DSS were established to ensure data security competence and are accepted as a benchmark for information security. The answer to this is password and configuration management and should be one of your highest security priorities.

Passwords

Passwords Computers and Electronics Software Risk

Oracle issues emergency patch for CVE-2020-14750 WebLogic Server flaw

Security Affairs

NOVEMBER 2, 2020

“It is remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password,” reads the advisory published by Oracle. The vulnerability could be exploited by unauthenticated attackers via HTTP without user interaction. 12.2.1.4.0, and 14.1.1.0.0

Advertising

Advertising Authentication Passwords Hacking

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

Then the attackers attempt to extract credentials to an Active Directory account used by the compromised device and use them for lateral movement by authenticating to other devices. “Microsoft has observed Volt Typhoon attempting to dump credentials through the Local Security Authority Subsystem Service (LSASS).

Accountability

Accountability VPN Manufacturing Firewall

Iranian hackers access unsecured HMI at Israeli Water Facility

Security Affairs

DECEMBER 4, 2020

. “The reservoir’s HMI system was connected directly to the internet, without any security appliance defending it or limiting access to it. Furthermore, at the time of the publication, the system did not use any authentication method upon access.” ” reads the blog post published by OTORIO. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Hacking Authentication Education

Microsoft wraps SolarWinds probe, nudges companies toward zero trust

SC Magazine

FEBRUARY 19, 2021

The probe also found no evidence of access to Microsoft’s production services or customer data, according to a blog post penned by Vasu Jakkal, Microsoft corporate vice president of security, compliance and identity. Vectra Chief Technology Officer Oliver Tavakoli applauded Microsoft’s endorsement of a zero trust architecture.

Authentication

Authentication Architecture Threat Detection Accountability

Netwalker ransomware operators claim to have stolen data from Forsee Power

Security Affairs

AUGUST 6, 2020

Netwalker ransomware operators announced the attack with a message posted on their online blog and shared a few screenshots as proof of the security breach. Only use secure networks and avoid using public Wi-Fi networks. Use two-factor authentication with strong passwords. Consider installing and using a VPN.

Ransomware

Ransomware VPN Advertising Marketing

Common Techniques Hackers Use to Penetrate Systems and How to Protect Your Organization

ForAllSecure

APRIL 26, 2023

In this blog post, we'll explore common techniques used to penetrate systems and how organizations can defend against each type of attack. Common Types of Cyber Attacks Common techniques that criminal hackers use to penetrate systems include social engineering, password attacks, malware, and exploitation of software vulnerabilities.

Social Engineering

Social Engineering Passwords Engineering Software

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage.

Phishing

Phishing Media Hacking Education

10 Reasons to Trust Your Enterprise APIs

Cisco Security

AUGUST 30, 2021

Using this list as a backdrop the following best practices are presented as a call to action to help organizations take a proactive approach at addressing API security risk. Be sure to check out the bonus tip at the end of the blog and share in the comments other ways your organization is successfully securing APIs.

Software

Software Authentication Risk Encryption

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

Attackers replaced binaries on compromised EdgeRouters with trojanized OpenSSH server binaries allowing remote attackers to bypass authentication. Change any default usernames and passwords. Researchers observed the MooBot botnet targeting routers with default or weak credentials to deploy OpenSSH trojans. ” continues the report.

Energy and Utilities

Energy and Utilities Government Firewall Malware

Removing Passwords, Without Compromising Security

Dive in With Duo Passport: A Secure, Seamless Future

Trending Sources

The Rise of Passkeys

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

WebAuthn, Passwordless and FIDO2 Explained: Fundamental Components of a Passwordless Architecture

3.5m IP cameras exposed, with US in the lead

China-linked threat actors have breached telcos and network service providers

SAP April 2023 security updates fix critical vulnerabilities

15 Cybersecurity Measures for the Cloud Era

5 API Vulnerabilities That Get Exploited by Criminals

Auth bypass flaw in Cisco Wireless LAN Controller Software allows device takeover

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

Volvo retailer leaks sensitive files

Personal info of 90k hikers leaked by French tourism company La Malle Postale

Hackers can hack organizations using data found on their discarded enterprise network equipment

Five Eyes agencies warn of attacks on MSPs

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

BlackCat Ransomware gang breached over 60 orgs worldwide

PCI v4 is coming. Are you ready?

The latest variant of the RapperBot botnet adds cryptojacking capabilities

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

CERT-UA warns of malspam attacks distributing the Jester info stealer

Experts devised a new exploit for the PaperCut flaw that can bypass all current detection

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

GhostTouch: how to remotely control touchscreens with EMI

‘Land Lordz’ Service Powers Airbnb Scams

Microsoft wraps SolarWinds probe, nudges companies toward zero trust

Phishers migrate to Telegram

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

How the FTC’s Amendments to the Safeguards Rule Affects Auto Dealerships

Security Affairs newsletter Round 370 by Pierluigi Paganini

Microsoft warns of the rise of cryware targeting hot wallets

Slickwraps discloses data leak that impacted 850,000 user accounts

QNAP users are recommended to disable UPnP port forwarding on routers

PCI Audit – Checklist & Requirements

Oracle issues emergency patch for CVE-2020-14750 WebLogic Server flaw

China-linked APT Volt Typhoon targets critical infrastructure organizations

Iranian hackers access unsecured HMI at Israeli Water Facility

Microsoft wraps SolarWinds probe, nudges companies toward zero trust

Netwalker ransomware operators claim to have stolen data from Forsee Power

Common Techniques Hackers Use to Penetrate Systems and How to Protect Your Organization

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

10 Reasons to Trust Your Enterprise APIs

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Stay Connected