Authentication, VPN and Webinar - Cyber Security Informer

Authentication

VPN

Webinar

Authentication Alone Is Failing: Introducing Continuous Identity Security

Duo's Security Blog

MAY 6, 2024

The security industry has diligently battled compromised credentials, evolving from passwords to multifactor authentication (MFA) to passwordless — our most secure and phishing-resistant method to date — and one that is fully supported in Duo. This means there are serious holes in our authentication armor today.

Authentication

Authentication Accountability VPN Phishing

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Duo's Security Blog

OCTOBER 6, 2023

Threat actors have dramatically escalated their attacks – targeting security controls like multi-factor authentication (MFA), conducting wily social engineering attacks and extorting businesses large and small with ransomware. Since then, teams have had years to adjust to this new reality, yet the attackers have as well.

Authentication

Authentication Risk Social Engineering InfoSec

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Passwords vs. Passkeys: The State of Passkeys on User Endpoints

Duo's Security Blog

SEPTEMBER 4, 2023

In our recent passkey blog series , we’ve been unpacking the difference between new passkey technology and more conventional password security in light of some of the most critical authentication scenarios. They can also be used on other devices through QR code-based “hybrid” authentication.

Passwords

Passwords Authentication Accountability Password Management

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Australia Stresses Cybersecurity Precautions in Wake of Ukraine Conflict

Duo's Security Blog

MARCH 9, 2022

Together these practices — which include multi-factor authentication (MFA), restricting administrative privileges and daily backups — provide a clear framework for businesses anywhere that are looking to improve their foundational security footing , as we’ve previously noted on the Duo Blog.

Cybersecurity

Cybersecurity Authentication Passwords VPN

Ensuring Security and Compliance for Global Healthcare

Security Boulevard

APRIL 9, 2021

Remote work technologies are playing an important role to enable a healthcare telework community, and threat actors continue to target VPN vulnerabilities – a high-risk point. Endpoints can be user devices – user laptops, workstations and devices often used to access networks remotely via VPN. Webinar: Ransomware: Cyber Defense Demo.

Healthcare

Healthcare Ransomware Risk VPN

Top Trending CVEs of February 2024

NopSec

FEBRUARY 28, 2024

The attack chain is pretty interesting, but does require authenticated access. As it turned out all of the needed information was accessible to any authenticated user via a request to the “/ghost/api/admin/users/?include=roles” Ivanti SSL VPN CVE-2024-21888 and CVE-2024-21893 Ivanti has had a rough couple of months.

Authentication

Authentication Accountability Passwords Risk

Top Trending CVEs of April 2024

NopSec

MAY 1, 2024

Palo Alto PanOS RCE CVE-2024-3400 It feels like the first quarter of 2024 has been defined by a string of SSL VPN command execution vulnerabilities and Palo Alto has jumped on the wagon. The analysis revealed that the SSL VPN end-point was shipped without disk encryption enabled, which made filesystem access trivial.

Firewall

Firewall VPN Software Risk

Intro to Phishing: How Dangerous Is Phishing in 2023?

Duo's Security Blog

APRIL 20, 2023

A major leading research and teaching institution, the University was looking for a multi-factor authentication (MFA) solution that could integrate with existing IT architecture and be rolled out easily across campus. Duo’s enrollment and authentication processes made it easy for even the most anti-tech users to get up and running with MFA.

Phishing

Phishing Social Engineering Authentication Engineering

Top Trending CVEs of March 2024

NopSec

APRIL 3, 2024

The application behavior varies depending on the authentication status of the attacker. An unauthenticated user can only read the first three (3) lines of a file, however authenticated users can read the entire file system. Fortinet FortiGate SSL VPN RCE CVE-2024-21762 I think SSL VPN RCE may be my favorite combination of acronyms.

VPN

VPN Authentication Architecture Software

What’s New in the Federal Zero Trust Strategy?

Duo's Security Blog

JANUARY 28, 2022

Imagine a shift away from logging into a “network” to having security seamlessly built into the network, and multi-factor authentication and authorization continuously performed at the application level on the fly — without users typing passwords. The vision being set forth by OMB is ambitious — but vital.

Authentication

Authentication Government DNS Encryption

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Cisco Security

AUGUST 26, 2021

CyberArk reduces VPN risk with MFA enforcement on any VPN client that supports RADIUS; including Cisco Secure Firewall. Active Lock protects individual files by requiring step-up authentication until the threat is cleared. There are many options for step-up authentication, including Cisco Duo OTP and push notifications.

Technology

Technology Firewall VPN Authentication

Water utility CISO offers tips to stay secure as IT and OT converge

SC Magazine

APRIL 26, 2021

From an economics point of view, solutions that can be simultaneously implemented across both IT and OT environments – such as secure-access platforms with two-factor or multi-factor authentication – is a good place for a utility to start, she added, speaking in an online webinar organized by Cisco Systems.

CISO

CISO IoT VPN InfoSec

Ransomware Prevention, Detection, and Simulation

NetSpi Executives

APRIL 27, 2024

Logins without multi-factor authentication. terminal services, virtual private networks (VPNs), and remote desktops—often use weak passwords and do not require MFA. Enable multi-factor authentication. Watch the Webinar Ransomware simulation In this section, learn about ransomware attack simulation.

Ransomware

Ransomware Cyber Insurance Backups Insurance

Phishing: What Everyone in Your Organization Needs to Know

NopSec

FEBRUARY 15, 2017

What if the recipient is in a hurry and under a lot of stress – will they be aware of how sophisticated and authentic-looking a well-crafted whaling attack can be? A well-crafted spear phishing attack can be extremely difficult to detect because attackers perform detailed research on their victims to make the email appear authentic.

Phishing

Phishing Social Engineering Engineering Healthcare

Authentication Alone Is Failing: Introducing Continuous Identity Security

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Webinars

Trending Sources

Passwords vs. Passkeys: The State of Passkeys on User Endpoints

Webinars

Australia Stresses Cybersecurity Precautions in Wake of Ukraine Conflict

Ensuring Security and Compliance for Global Healthcare

Top Trending CVEs of February 2024

Top Trending CVEs of April 2024

Intro to Phishing: How Dangerous Is Phishing in 2023?

Top Trending CVEs of March 2024

What’s New in the Federal Zero Trust Strategy?

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Water utility CISO offers tips to stay secure as IT and OT converge

Ransomware Prevention, Detection, and Simulation

Phishing: What Everyone in Your Organization Needs to Know

Stay Connected