News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Successful phishing: Attackers attack MFA service providers for Cisco Duo 
B2B Cyber ​​Security ShortNews

Cisco calls its Zero Trust security platform “Duo” for short. Their access is protected by state-of-the-art multi-factor authentication (MFA). Through a phishing attack on Cisco's service provider, attackers were able to access the provider and steal logs that contained information such as telephone numbers, network operators, countries and other metadata. Cisco has released a message informing about the incident affecting the Duo telephony provider. This provider is used by Duo to send MFA messages to customers via SMS and VOIP. Cisco is actively working with the vendor to investigate and resolve the incident….

Read more

Password-free security
Password-free security

Passwords represent a high security risk for companies. Through password theft, attackers can often penetrate company systems unnoticed and cause a lot of damage. Passwordless authentication is therefore trending. CyberArk shows what companies should pay attention to during implementation, especially with regard to the IAM solution used. Everyone knows it: Creating a new password is an annoying process because, for example, it has to be at least eight characters long and contain upper and lower case letters, numbers and special characters. But it's a necessary evil since passwords are still one of the most popular targets for attackers...

Read more

Do companies even get cyber insurance?
Do companies even get cyber insurance? - KI MS

Cyber ​​insurance is not just a question of company strategy, but also whether you get it at all. The new Sophos guide to cyber insurance helps management and IT managers in companies better understand the cyber insurance market. After all, there are unavoidable requirements that must be met in order to ensure that insurance is as economical as possible. Companies often secure additional technical security through cyber insurance. Behind this strategy is, on the one hand, the knowledge of the danger of possibly backward in-house security and, on the other hand, a business calculation on the part of the management team. Every second company affected by attacks Sure…

Read more

IT trends 2024
IT trends 2024

A global leader in AI for cybersecurity has released predictions for 2024 IT trends. Max Heinemeyer, Chief Product Officer, expects in particular an increasing use of AI in attacks, greater bypassing of multi-factor authentication (MFA), more successful actions by Europol and a consolidation of security platforms. Cybercriminals Develop First AI Worm In 2023, hackers tested AI-based malware such as WormGPT and FraudGPT, as well as integrated other AI solutions into their attack methods. In 2024, APTs, state-sponsored attackers, and professional ransomware gangs will use AI in novel ways. The consequences are even faster and more scalable,…

Read more

Passwordless procedures a long way off
B2B Cyber ​​Security ShortNews

Although authentication using passwords has long been criticized from a security perspective, companies are still years away from a passwordless reality. This is shown by a new study from Delinea, the specialist for solutions that seamlessly expand privileged access management. 68 percent of the IT decision-makers surveyed stated that passwords are far from “dead” in their companies. The aim of the report “The Future of Workplace Passwords: Not Dead, but Evolving*” was to better understand the future of passwords in the workplace - against the background of the spread of alternative authentication options in the consumer environment such as...

Read more

Increased QR code attacks via email
Increased QR code attacks via email

Check Point security researchers are observing a new type of phishing attack that uses a dangerous QR code. The new “quishing” is becoming more and more prevalent as many users scan the codes without hesitation. The new variant of phishing with QR codes is becoming increasingly popular: quishing or QR code phishing. The actually harmless QR codes are ideal for disguising malicious intentions. A common QR code image can hide a malicious link, which is hardly visible. Since users are used to QR codes, such a code in an email is often not recognized as a threat. Out of…

Read more

Privileged access management with multi-factor authentication
Privileged access management with multi-factor authentication

The latest release of Secret Server from a leading provider of solutions that seamlessly extend Privileged Access Management (PAM) now supports enforcement of multi-factor authentication (MFA) for credentials - in addition to the already available MFA for logins. In this way, not only are highly sensitive login data even better secured, but companies are now able to meet increasingly strict compliance requirements. Stolen credentials and human error remain among the most common ways cybercriminals gain access to systems and data. Most accesses with stolen logins According to the…

Read more

Passwordless fingerprint authentication via smart card

The new SafeNet IDPrime FIDO Bio Smart Card provides a simple, secure and fast way for users to access applications using only their fingerprint. This provides companies with a passwordless, phishing-resistant authentication solution. Thales' SafeNet IDPrime FIDO Bio Smart Card is a security key that enables strong multi-factor authentication (MFA) for businesses. This new contactless smart card allows users to quickly and securely access corporate devices, applications and cloud services by using a fingerprint instead of a password. Stolen logins responsible for every second attack According to the...

Read more

Cyber ​​forensics: Convenience plays into the hands of cybercriminals
Cyber ​​forensics: Convenience plays into the hands of cybercriminals - Image by Mohamed Hassan on Pixabay

Cyber ​​Forensics: The latest Active Adversary Report from Sophos uncovers an interesting turnaround that addresses a common problem in IT security: convenience. Hard-working attackers exploit this mercilessly. In previous case data from the report, which analyzes actual cyberattacks, exploiting vulnerabilities was the leading cause of attacks, closely followed by compromised credentials. In the first half of 2023, this picture reverses significantly, and for the first time, compromised access data was the top cause at 50%. The exploitation of a vulnerability was 23%. Stolen login credentials…

Read more

Serious vulnerability: shared passwords
Vulnerability: Shared passwords

Shared workspaces are becoming established in companies. If the passwords are also shared, they can be a gateway for hackers. This is proven by the 2023 Verizon Data Breach Investigations Report. But it is also much easier and more secure with passwordless authentication. Cost savings and increases in productivity are the decisive arguments for shared workspaces for employees. Indeed, shared workspaces have become widespread in many industries. Nevertheless, companies have to deal with the security risks. This starts with ensuring that only the right users have access to shared devices. Common passwords are…

Read more