News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Tag: MFA

One-third of login attempts with stolen login credentials
19 October 2022
| No comments
| PR News
One-third of login attempts with stolen login credentials

In its latest State of Secure Identity Report, Okta, a provider of identity solutions, shows that attempts to log in with stolen credentials – the so-called “credential stuffing” – are the biggest threat to customer accounts. For the trends, examples, and observations presented in the report, Okta evaluated billions of authentications on its Auth0 platform. In credential stuffing, attackers exploit the habit of some users to use a single password for multiple logins. It begins by stealing the username and password, then using automated tools to access other accounts belonging to that user...

Read more

Cloud Exchange: Accounts without MFA abused for spam
10 October 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Microsoft reports on analyzed attacks on cloud exchange. Attackers penetrated the cloud exchange accounts using credential stuffing, known passwords from previous data breaches – all without multi-factor authentication (MFA). Then everything was set up for mass spamming via these accounts. Microsoft researchers recently investigated an attack in which malicious Open Authorization (OAuth) applications were deployed on compromised cloud tenants and then used to control Exchange Online settings and spread spam. The investigation found that the threat actor launched credential stuffing attacks against high-risk accounts that didn't have multi-factor authentication (MFA) enabled, and…

Read more

Lapsus$ is probably behind Uber-Hack
September 26, 2022
| No comments
| PR News
Lapsus$ is probably behind Uber-Hack

A few days ago, there was news that Uber was the victim of a major hack. There are even suspicions that the attackers have captured a vulnerability list from a bug bounty program. Uber, the travel service provider, has now confirmed that the attacker is the Lapsus$ group. Much was still unclear in the first report on the Uber hack. According to the driving service provider Uber, the processes can now be described and precisely defined which data was stolen. Here's what happened, according to Uber: “An Uber EXT contractor's account was compromised by an attacker using malware and their credentials were stolen. It…

Read more

Multi-Factor Authentication: Hackers just give up
September 13, 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

A Europol report shows that multi-factor authentication (MFA) can effectively fend off cyberattacks. In this specific case, given the high hurdles imposed by MFA, the hackers simply gave up their ransomware attack. A simple measure prevented a ransomware attack: Because the targeted victim had protected their systems with multi-factor authentication (MFA), the attackers apparently decided that their plan would be too complex to implement and simply gave up. This was reported by investigators from Europol at an event to mark the sixth anniversary of Europol's "No More Ransom" initiative. The authority had the attack attempt in their investigations ...

Read more

Why hackers are bombarding users with MFA requests
September 7, 2022
| No comments
| Stories
Why hackers are bombarding users with MFA requests

MFA Prompt Bombing is an effective attack method used by attackers to gain access to a system protected by Multi-Factor Authentication (MFA). The attacker sends a large number of MFA approval requests to a user in order to overwhelm them with the requests. One wrong click and an attacker has access. Regardless of the level of MFA Prompt Bombing harassment, the goal is for the user to accept the MFA request and grant access to accounts or provide a way to run malicious code on a targeted system. The security industry views MFA prompt bombing attacks as a…

Read more

Pitfalls of Cloud Computing
July 18, 2022
| No comments
| PR News
Pitfalls of Cloud Computing

New report shows the pitfalls of cloud computing: Cloud computing has already become the standard in many areas in recent years. But as practical as using the cloud is, security should not be neglected. The use of cloud computing has accelerated significantly over the past two years and is likely to become the dominant model for hosting data and programs in the foreseeable future. Today it is already indispensable in many areas, for example when working together on documents and databases across different locations and...

Read more

IT security: Excuses do not protect
July 6, 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Cyber ​​risks are constantly increasing. However, the necessary investments in IT security often remain insufficient because many companies feel adequately protected. However, this is often a fallacy and associated with extremely high security risks, says security expert CyberArk. Many companies are actively driving digitization forward. However, the topic of cyber security is neglected. This is confirmed by 73 percent of the IT decision-makers surveyed in Germany in a recent study by CyberArk. Excuses instead of investments Companies give various reasons for not investing in security. Common statements are: "We are already secured enough, for example with perimeter protection."...

Read more

Employees want an alternative to the password
June 15, 2022
| No comments
| Stories
Employees want an alternative to the password

A survey of 1.010 employees reveals common mistakes and problems related to passwords. 45 percent of employees in German companies would like an alternative to the password. Almost every fifth German uses the names of pets, children or their favorite football team as passwords. This is according to a study by Beyond Identity, the invisible multi-factor authentication (MFA) provider. More than 1.000 German employees were asked about password hygiene and the most common mistakes made when using passwords were made visible. The most important results at a glance 42 percent of those surveyed already have more…

Read more

Salesforce introduces mandatory multi-factor authentication (MFA).
March 25, 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Salesforce made multi-factor authentication (MFA) mandatory on February 1, 2022. Customers are thus required by the new user agreements to use MFA when accessing Salesforce products. With this, Salesforce is responding to the constantly growing threat landscape in which trust, integrity and availability of customer data are increasingly essential for companies to survive. No Access Without MFA The types of cyberattacks that are crippling businesses and harming consumers are on the rise. In addition, companies are increasingly relying on remote working environments. This makes it even more important to implement tighter security measures - without compromising the user experience...

Read more

Defense-in-depth approach for enhanced cyber security 
March 6, 2022
| No comments
| PR News
Defense-in-depth approach for enhanced cyber security

Classic security measures such as multi-factor authentication or anti-virus programs are not sufficient for comprehensive cyber security. Companies must therefore pursue a defense-in-depth approach and focus primarily on securing identities and privileged access, says security expert CyberArk. In most attacks, regardless of who is behind them, the identity layer is the first point of entry into an organization's network. In many cases, it has been shown that attackers are able to maintain persistent, undetected and long-term access in compromised environments by using legitimate credentials, among other things. MFA,…

Read more

© 2024 MedPressIT GbR
Cookie Settings