Tag Archive for: Friction

Ghostwriter update. Quds Day warning. Drivetime talk radio comes to the cyber battlespace? Secrecy as friction. Inadvertent tweets.

/in


At a glance.

  • Update on Ghostwriter.
  • Jerusalem Day alert.
  • Zoom prankers and deepfake goofs.
  • Secrecy as friction.
  • Inadvertent tweets.

Ghostwriter, and signs of a broader campaign.

FireEye’s Mandiant unit this morning updated its research into Ghostwriter, an influence-operator that came to attention last year as it sought to affect public opinion in Latvia, Lithuania, and Poland. Its messaging then was anti-NATO. The campaigns of 2020 relied upon artlessly crude forgeries and implausible rumor-mongering, but of course disinformation doesn’t need to be art, as long as it can get the right amplification, which Ghostwriter worked to accomplish. 

It was easy for officials to quickly debunk such hogwash as the claim that Canadian soldiers were spreading COVID-19, or that an internal memo circulating in the Polish Ministry of Defense called for resistance against an American “army of occupation” (forged memo helpfully provided, hijacked social media accounts used to lend plausibility to a very implausible narrative). CyberScoop offered a useful account of these efforts at the end of last July. But of course lies can have a bit of a run if they’re provided with a headstart.

In any case, Ghostwriter has now expanded its thematic content to include disruption of domestic Polish politics and also (according to Tagesschau) credential theft attacks on German political figures. FireEye believes the threat actor it tracks as UNC1151 operates some portions of Ghostwriter. The firm characterizes UNC1151 as “a suspected state-sponsored cyber espionage actor that engages in credential harvesting and malware campaigns.”

Taggeschau calls the attackers “chaos troops,” which is apt enough for an operation that aims at disruption. At least seven members of Germany’s Bundestag have received phishing emails, as have some thirty members of the Länder assemblies, that is, the state-level legislatures. German authorities are taking activity seriously. The Bundesamt für Verfassungsschutz (the BfV, the Federal Office for the Protection of the Constitution) und the Bundesamt für die Sicherheit in der Informationstechnik (the BSI, the Federal Officer for Information Security) are investigating, and have…

Source…

Auth0 Launches Adaptive MFA to Increase Security and Reduce Friction for End Users

/in


Press release content from Globe Newswire. The AP news staff was not involved in its creation.

Click to copy

BELLEVUE, Wash., Dec. 15, 2020 (GLOBE NEWSWIRE) — Auth0, the identity platform for application teams, today launched Adaptive Multi-factor Authentication (MFA), a sophisticated security feature that helps reduce the threat of hacks and data breaches. Adaptive MFA is an important addition to Auth0’s expanding security portfolio—which also includes Bot Detection, Breached Password Detection, Brute Force Protection, and Suspicious IP Throttling—and is one of the platform’s most advanced context-based security features.

Adaptive MFA is designed to help companies address the inherent challenges of enabling security while preserving user experience. Unlike traditional MFA, which is triggered upon every login attempt and creates an additional step for the end user, Adaptive MFA only appears when a login is deemed risky. This is calculated by an overall risk score that measures abnormal behavior from known devices, impossible travel, and/or IP reputation. Customers can have the confidence that with Adaptive MFA, their end users are asked for secondary authentication only when behavioral signals don’t conform to usual patterns for a particular user.

For example, for a user who normally signs into their account at the same time every morning in San Francisco from a personal laptop, Adaptive MFA would only present a second factor authenticator if login was attempted outside of the region, usual timeframe, or from a different computer or IP address. Developers can determine how much weight each signal is given to define the risk score that sets off the trigger.

Many companies are reluctant to implement MFA—proven to be an effective defense against account hacking attacks—out of fear of negatively impacting user experience and thus their conversion and retention performance. However, additional friction during the signup, login, or checkout experiences can affect user conversion/retention,…

Source…