Security Boulevard

FEBRUARY 21, 2024

TL;DR: SCCM sites configured to support high availability can be abused to compromise the entire hierarchy I previously wrote about how targeting site systems hosting the SMS Provider role can be used to compromise a SCCM hierarchy. The following (Figure 11) is a demonstration of that attack path.

Authentication 62

Authentication Accountability System Administration Software 62

Duo's Security Blog

MAY 11, 2022

The lightweight application collects device health information such as Operating System (OS) version , firewall status, disk encryption status, presence of Endpoint Detection and Response (EDR) agents and password status. Administrators can set access policies based on device health.

VPN 54

VPN Firewall System Administration Encryption 54

Security Boulevard

SEPTEMBER 17, 2022

Zero trust is built on the principle that no person or device inside or outside of an organization's network should be granted access to connect to systems until authenticated and continuously verified. Internal hygiene is critical, and that includes ensuring that system level usernames and passwords are not hard-coded.

Social Engineering 76

Social Engineering Education Technology Engineering 76

Security Boulevard

DECEMBER 2, 2022

Also, remember how users can use keys rather than a password to login? So, imagine Susan is a system admin and she has access to several servers. She used SSH keygen to generate keys and she now can login to the systems via Secure Shell. These algorithms change and as they age, they become more vulnerable. UTM Medium.

Risk 62

Risk Authentication Passwords Accountability 62

NopSec

MARCH 16, 2020

Once you understand which systems form your telework attack surface ask yourself which vulnerabilities and misconfigurations they have. First of all, ask yourself whether all your remote working systems and related directory services they are tapping into have adequate password length policy, password expiration,and username randomization.

VPN 40

VPN Accountability Risk System Administration 40

CyberSecurity Insiders

NOVEMBER 18, 2021

This blog was written by an independent guest blogger. This can be carried out directly or using a shadow payload or using a phishing attack aimed at compromising the user's system. Attackers may use the following methods to obtain administrator privileges: Compromised passwords. Reaching the goal of the attack.

Accountability 133

Accountability Passwords Authentication Social Engineering 133

Security Affairs

JUNE 2, 2020

The vulnerability could potentially allow an authenticated attacker to gain access to corporate network, access to sensitive data, and control private clouds within an entire infrastructure. “An authenticated actor may be able to send malicious traffic to VMware Cloud Director which may lead to arbitrary remote code execution.

System Administration 87

System Administration Accountability Advertising Authentication 87

CyberSecurity Insiders

SEPTEMBER 21, 2021

This blog was written by an independent guest blogger. Modern organizations rely heavily on software and systems. Secure coding standards are significant, as they give some assurance that software installed on the organization’s system is protected from security flaws. Authentication and password management.

Authentication 79

Authentication Passwords Software Accountability 79

eSecurity Planet

DECEMBER 3, 2021

Krebs wrote for The Washington Post between 1995 and 2009 before launching his current blog KrebsOnSecurity.com. His 1994 book detailing cryptographic algorithms ( Applied Cryptography ) was just the beginning of his contributions to technical perspectives on system design, cybersecurity, privacy, and more. Dave Kennedy | @hackingdave.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

Malwarebytes

AUGUST 18, 2021

The major new security features that would debut in macOS 11 were: Pointer Authentication Codes (PAC) , hardware-enforced Call Flow Integrity (CFI), implemented by Apple’s homegrown 64 bit ARM processor, the M1. Currently limited to system code and kernel extensions, but open to all third-party developers for experimentation.

Firmware 142

Firmware Architecture Risk Engineering 142

Duo's Security Blog

NOVEMBER 30, 2022

Supporting OIDC allows us to protect more of the applications that our customers are adopting as we all move towards a mobile-first world and integrate stronger and modern authentication methods (e.g. protocol adding Authentication to what has historically been used for Authorization purposes. biometrics). What is OIDC?

B2C 80

B2C B2B Authentication Mobile 80

Security Boulevard

JUNE 20, 2022

This blog post provides a high-level explanation of how to implement security boundaries in an on-prem AD and Azure environment to protect your critical assets based on the principle of tiered administration, including how BloodHound Enterprise can help you in the process. Teal has a blog post on PAW available here.

Accountability 52

Accountability Risk Authentication Passwords 52

The Last Watchdog

JUNE 22, 2020

No one enforced the use of passwords, nor insisted on strict teacher control of those lessons. To Zoom’s credit, password protection and a “waiting room” feature, which allows the host to control when a participant joins the meeting, are the default settings for its free and single license paid accounts.

Mobile 276

Mobile Passwords Technology VPN 276

SecureList

NOVEMBER 14, 2022

Last June, Google’s TAG team released a blog post documenting attacks on Italian and Kazakh users that they attribute to RCS Lab, an Italian offensive software vendor. Okta is a widely used authentication services provider, and it is safe to assume that a hacker controlling their network would be able to infect any of their customers.

Firmware 117

Firmware Surveillance Mobile Telecommunications 117