InfoSec, Passwords and VPN - Cyber Security Informer

Cisco was hacked by the Yanluowang ransomware gang

Security Affairs

AUGUST 10, 2022

Upon achieving an MFA push acceptance, the attacker had access to the VPN in the context of the targeted user. “Initial access to the Cisco VPN was achieved via the successful compromise of a Cisco employee’s personal Google account. ” reads the analysis published by Cisco Talos.

Ransomware

Ransomware Hacking VPN Phishing

The State of Data Breaches, Part 2: The Trilogy of Players

Troy Hunt

JUNE 30, 2024

A dropped VPN connection. An email address, handle or password used somewhere else that links to their identity. Increasingly, we're seeing formal government entities issue much broader infosec advice, for example, as our Australian Signals Directorate regularly does.

Data breaches

Data breaches Government InfoSec Passwords

Protect IT—A Combination of Security Culture and Cyber Hygiene Good Practices

Thales Cloud Protection & Licensing

OCTOBER 24, 2019

That includes setting up a VPN through which remote employees can access work assets. These guidelines should include the following: Set up a Strong Password Policy. One of the most common ways by which malicious actors perpetrate account takeover (ATO) fraud is via password brute forcing attacks. Employ Device Encryption.

Security Awareness

Security Awareness InfoSec Passwords Accountability

An initial access broker claims to have hacked Deutsche Bank

Security Affairs

NOVEMBER 11, 2022

We can provide VDI & VPN + all passwords of domain dump (with DA usr’s) Their funds is in B$ Price 7.5BTC We will request for proof that one can afford to avoid time wasters etc…” reads the announcement. Breaking Deutsche Bank allegedly breached and for sale by the same access broker that sold access to Medibank.

Banking

Banking Hacking InfoSec Insurance

Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture

Troy Hunt

JANUARY 10, 2018

Blocking legitimate users is part of that problem, blocking users wanting to protect their traffic with a VPN is another: This has been there for the past year now. They also blacklist vpn IP addresses. This is poor form as it can break tools that encourage good security practices such as password managers.

Hacking

Hacking Government Encryption Risk

Keeper Security Acquires Glyptodon to Provide Zero-Trust Remote Access for IT Admins, SREs and DevOps Teams

CyberSecurity Insiders

FEBRUARY 3, 2022

It includes integration of Glyptodon Enterprise into Keeper Security’s zero-trust and zero-knowledge security and encryption architecture, resulting in a highly-secure, agentless remote access platform, without the need of a virtual private network (VPN). “In

Password Management

Password Management Passwords Encryption Data breaches

CISA Election Security Alert: Threat Actors Compromise 'Election Support Systems'

SecureWorld News

OCTOBER 12, 2020

Read our joint advisory with the @FBI for technical details and recommended actions: [link] #InfoSec #InfoSecurity #Protect2020 pic.twitter.com/D2Clny9zUI — Cybersecurity and Infrastructure Security Agency (@CISAgov). October 10, 2020. CISA details what the TTPs look like in this attack.

VPN

VPN InfoSec Government Accountability

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Duo's Security Blog

OCTOBER 6, 2023

.” – Richard Hall, Senior Director IT Infrastructure and Operations, Financial Force Phase 3: Enabling access to apps Enable access to applications with VPN-less access (e.g., ZTNA) – regardless of location or protocol.

Authentication

Authentication Risk Social Engineering InfoSec

If Infosec Was a Supermarket Business

Security Boulevard

FEBRUARY 27, 2023

and 3rd party vendors (VPN to cloud provider, service provider, etc.). If supermarkets can apply this type of thinking and control, how does this align with infosec & cybersecurity? This is why we have so many different usernames and passwords for all sorts of businesses and services. Download it on Github.

InfoSec

InfoSec Cybersecurity Risk Technology

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

Figure 3: Scattered Spider attack timeline Social Engineering: Fool Me Once, Fool Me Twice To gain initial access to the target network, the threat actor called the organization’s IT help desk and persuaded staff to reset the CFO’s account password. This isn’t the first time we’ve seen Scattered Spider target password managers.

Social Engineering

Social Engineering Engineering Accountability Backups

RSA Conference 2021: Resilience

Duo's Security Blog

APRIL 5, 2021

In this talk, Brad will discuss how Cisco’s Zero Trust rollout was not only a logistical challenge with 100,000 global users and a complex mix of cloud and on-premises applications, but also a huge shift in how the company itself thought about networks, perimeters, and security (including reducing its own VPN usage).

CISO

CISO InfoSec Financial Services Marketing

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Cisco Security

AUGUST 26, 2021

We constantly see new threats, and threat vectors, come and go; which puts a tremendous strain on the InfoSec teams that have to protect organizations and businesses from these threats. CyberArk reduces VPN risk with MFA enforcement on any VPN client that supports RADIUS; including Cisco Secure Firewall. Read more here.

Technology

Technology Firewall VPN Authentication

RCE vulnerability in OpenSSH – RegreSSHion (CVE-2024-6387)

Pen Test Partners

JULY 1, 2024

There has been a lot of talk on various infosec news feeds about the RegreSSHion vulnerability. Numerous limiting factors may be applied and should be considered such as Access Control Lists (ACL) or Virtual Private Networks (VPN). The flaw results from importer input validation in OpenSSH’s handling of SSH connections.

InfoSec

InfoSec Authentication VPN Firewall

I’d TAP That Pass

Security Boulevard

MARCH 29, 2023

TAP abuse helps us with that issue in two ways: We can add a temporary password to a victim user without invalidating their existing password, ensuring that the user won’t notice a password change. This means that we can use this password directly, without needing a second factor like an application code or SMS.

Authentication

Authentication VPN Passwords Social Engineering

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

Figure 3: Scattered Spider attack timeline Social Engineering: Fool Me Once, Fool Me Twice To gain initial access to the target network, the threat actor called the organization’s IT help desk and persuaded staff to reset the CFO’s account password. This isn’t the first time we’ve seen Scattered Spider target password managers.

Social Engineering

Social Engineering Engineering Accountability Backups

Securing work-at-home apps

Errata Security

MAY 19, 2020

They are already involved in securing the server side, the work-at-home desktop, the VPN, and all the other network essentials. If there's one thing that the entire cybersecurity industry is agreed about (other than hating the term cybersecurity, preferring "infosec" instead) is that you need this vulnerability disclosure program.

Engineering

Engineering VPN Encryption Marketing

The Hacker Mind Podcast: Hacking the Art of Invisibility

ForAllSecure

MARCH 1, 2022

Vamosi: Within InfoSec there's an informal use of AppSec as well. And I use a VPN that doesn't log my websites. Don't use familiar passwords seriously. If you want nothing to connect back to you choose an entirely new set of passwords. You need a VPN. You want a VPN that doesn't log transactions.

Hacking

Hacking Mobile Cryptocurrency VPN

Cyber Security Informer

Cisco was hacked by the Yanluowang ransomware gang

The State of Data Breaches, Part 2: The Trilogy of Players

Trending Sources

Protect IT—A Combination of Security Culture and Cyber Hygiene Good Practices

An initial access broker claims to have hacked Deutsche Bank

Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture

Keeper Security Acquires Glyptodon to Provide Zero-Trust Remote Access for IT Admins, SREs and DevOps Teams

CISA Election Security Alert: Threat Actors Compromise 'Election Support Systems'

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

If Infosec Was a Supermarket Business

Scattered Spider x RansomHub: A New Partnership

RSA Conference 2021: Resilience

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

RCE vulnerability in OpenSSH – RegreSSHion (CVE-2024-6387)

I’d TAP That Pass

Scattered Spider x RansomHub: A New Partnership

Securing work-at-home apps

The Hacker Mind Podcast: Hacking the Art of Invisibility

Stay Connected