Tag Archive for: MFA

JumpCloud Protect: one-touch, fully featured mobile MFA app


JumpCloud announced JumpCloud Protect, a one-touch multi-factor authentication (MFA) solution that makes it easy for IT admins to deploy and enforce MFA without adversely impacting end users.

Available for iOS and Android devices, JumpCloud Protect enables simple and efficient “touch to verify” functionality for employees when accessing corporate IT resources authenticated by the JumpCloud Directory Platform.

JumpCloud Protect is a fully featured mobile MFA app that lets employees authenticating into protected apps and resources verify themselves directly from a corporate-issued or BYOD mobile device. JumpCloud Protect:

  • Installs on both iOS and Android devices
  • Offers simple one-touch accept-or-deny verification of an identity when accessing IT resources
  • Generates Time-based One-time Password (TOTP) codes as an alternative second factor for any JumpCloud-authenticated resource, and for users’ personal online accounts that require second-factor verification

“Our IT team is challenged with a number of requirements. Making employees happy and productive, reducing the total cost of equipping them with the right IT tools, and ensuring we are keeping the company secure while people are remote is our new normal,” said Randy Tanenhaus, IT Manager at ClassPass. “I like JumpCloud’s direction. JumpCloud Protect means we can give our employees the simplest verification solution on the market. Without disrupting their work, we really know it’s them. Further, I have been able to think about other critical priorities versus evaluating, buying, and integrating a 2FA solution into our identity strategy.”

“At Employee Zero, we’ve been implementing JumpCloud solutions for our clients for the past six years,” said James Martin, director at Employee Zero, an IT consultancy and managed service provider. “In that time, we have seen so many exciting advancements in features and value-adds to the platform. JumpCloud Protect is a major leap forward in keeping identity and security in one easy to manage place for both the end user, and for us as IT support. JumpCloud Protect will reduce the cost of maintaining a separate MFA solution for our clients whilst making things…

Source…

DDoS disrupts Belgian parliament. New malware strains in criminal campaign. Threat actors vs. MFA. Disinformation for business.


Attacks, Threats, and Vulnerabilities

Belgian public-sector network suffers cyberattack, affecting parliament (Computing) The attack disrupted a planned meeting of Belgium’s parliamentary Foreign Affairs committee, which had been due to discuss the human rights situation in Xinjiang

XSS in the wild: JavaScript-stuffed orders used to compromise Japanese e-commerce sites (The Daily Swig) Website vulnerabilities abused in new hacking campaign

Three new malware families found in global finance phishing campaign (ZDNet) Doubledrag, Doubledrop, and Doubleback are the work of “experienced” threat actors.

Multi-Factor Authentication: Headache for Cyber Actors Inspires New Attack Techniques (Symantec) Two-factor or multi-factor authentication is used to secure organizations and accounts from attackers, making it a problem for malicious actors. Recent attacks show how they are attempting to bypass or avoid it completely.

The UNC2529 Triple Double: A Trifecta Phishing Campaign (FireEye) We observed a widespread, global phishing campaign from UNC2529 targeting numerous organizations across an array of industries.

Qualys Flags Gaping Security Holes in Exim Mail Server (SecurityWeek) Security researchers at Qualys have discovered multiple gaping security holes in Exim, a widely deployed mail server that has been targeted in the past by advanced nation state-based threat actors.

High-Severity Dell Driver Vulnerabilities Impact Hundreds of Millions of Devices (SecurityWeek) Dell patches high-severity vulnerabilities affecting a driver that is present on hundreds of millions of devices.

How Attackers Use Compromised Accounts to Create and Distribute Malicious OAuth Apps (Proofpoint) Open authorization or “OAuth” apps add business features and user-interface enhancements to major cloud platforms such as Microsoft 365 and Google Workspace. Unfortunately, they’re also a new threat vector as bad actors are increasingly using malicious OAuth 2.0 applications (or cloud malware) to siphon data and access sensitive information. In 2020, Proofpoint detected more than 180 different malicious applications, attacking over 55% of customers with a success rate of 22%.

21Nails vulnerabilities impact 60% of the internet’s email…

Source…

Auth0 Launches Adaptive MFA to Increase Security and Reduce Friction for End Users


Press release content from Globe Newswire. The AP news staff was not involved in its creation.

BELLEVUE, Wash., Dec. 15, 2020 (GLOBE NEWSWIRE) — Auth0, the identity platform for application teams, today launched Adaptive Multi-factor Authentication (MFA), a sophisticated security feature that helps reduce the threat of hacks and data breaches. Adaptive MFA is an important addition to Auth0’s expanding security portfolio—which also includes Bot Detection, Breached Password Detection, Brute Force Protection, and Suspicious IP Throttling—and is one of the platform’s most advanced context-based security features.

Adaptive MFA is designed to help companies address the inherent challenges of enabling security while preserving user experience. Unlike traditional MFA, which is triggered on every login attempt and adds a step for the end user, Adaptive MFA only appears when a login is deemed risky. That decision is driven by an overall risk score that combines signals such as abnormal behavior from known devices, impossible travel and IP reputation. With Adaptive MFA, end users are asked for a second factor only when these behavioral signals do not match the usual pattern for that particular user.

For example, for a user who normally signs into their account at the same time every morning in San Francisco from a personal laptop, Adaptive MFA would present a second-factor prompt only if a login were attempted outside that region or usual timeframe, or from a different computer or IP address. Developers can decide how much weight each signal carries in the risk score that sets off the trigger.
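The scoring logic the release describes, as an added example in Python. This is not Auth0’s code: Auth0 does not publish its formula, so the three signals (new device, impossible travel, bad IP reputation), their weights, the 0.5 threshold, the 900 km/h plausibility cutoff, the 50 km same-area radius and all user, device and IP data below are assumptions constructed for illustration.

```python
"""Adaptive MFA step-up decision built from weighted risk signals.

Added example, not Auth0's code: Auth0 does not publish its scoring
formula, so the signals, weights, thresholds and sample data below are
assumptions chosen to illustrate the mechanism the release describes.
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from math import asin, cos, radians, sin, sqrt

# Constructed sample state for one user: known device fingerprints and the
# time/place of the last successful login (San Francisco, 09:02 UTC).
KNOWN_DEVICES = {"alice": {"laptop-fp-7f3a"}}
LAST_LOGIN = {
    "alice": {
        "ts": datetime(2020, 12, 15, 9, 2, tzinfo=timezone.utc),
        "lat": 37.7749,
        "lon": -122.4194,
    }
}
# Constructed IP reputation feed: 0.0 = clean, 1.0 = known bad
# (203.0.113.0/24 is the TEST-NET-3 documentation range).
IP_REPUTATION = {"203.0.113.9": 0.9}

# Assumed per-signal weights and the score at which a second factor is demanded.
WEIGHTS = {"new_device": 0.5, "impossible_travel": 0.6, "bad_ip": 0.3}
MFA_THRESHOLD = 0.5
MAX_PLAUSIBLE_KMH = 900.0   # about airliner cruising speed
SAME_AREA_KM = 50.0         # moves shorter than this never count as travel


@dataclass(frozen=True)
class LoginAttempt:
    user: str
    ts: datetime
    lat: float
    lon: float
    device_fp: str
    ip: str


def haversine_km(lat1: float, lon1: float, lat2: float, lon2: float) -> float:
    """Great-circle distance in kilometres between two WGS84 points."""
    dlat = radians(lat2 - lat1)
    dlon = radians(lon2 - lon1)
    a = sin(dlat / 2) ** 2 + cos(radians(lat1)) * cos(radians(lat2)) * sin(dlon / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))


def impossible_travel(attempt: LoginAttempt) -> bool:
    """True if reaching this location since the last login would need an
    implausible speed (or the timestamps are out of order)."""
    prev = LAST_LOGIN.get(attempt.user)
    if prev is None:
        return False
    km = haversine_km(prev["lat"], prev["lon"], attempt.lat, attempt.lon)
    if km < SAME_AREA_KM:
        return False
    hours = (attempt.ts - prev["ts"]).total_seconds() / 3600.0
    return hours <= 0 or km / hours > MAX_PLAUSIBLE_KMH


def risk_signals(attempt: LoginAttempt) -> dict:
    """Evaluate each signal to a boolean: did it fire for this attempt?"""
    return {
        "new_device": attempt.device_fp not in KNOWN_DEVICES.get(attempt.user, set()),
        "impossible_travel": impossible_travel(attempt),
        "bad_ip": IP_REPUTATION.get(attempt.ip, 0.0) >= 0.5,
    }


def risk_score(attempt: LoginAttempt, weights: dict = WEIGHTS) -> float:
    """Weighted sum of the signals that fired, rounded for stable comparison."""
    fired = risk_signals(attempt)
    return round(sum(w for name, w in weights.items() if fired[name]), 2)


def requires_mfa(attempt: LoginAttempt, threshold: float = MFA_THRESHOLD) -> bool:
    """Step up to a second factor only when the score reaches the threshold."""
    return risk_score(attempt) >= threshold


# Constructed attempts covering the cases in the release.
ROUTINE = LoginAttempt("alice", datetime(2020, 12, 16, 9, 5, tzinfo=timezone.utc),
                       37.7749, -122.4194, "laptop-fp-7f3a", "198.51.100.4")
NEW_DEVICE = LoginAttempt("alice", datetime(2020, 12, 16, 9, 5, tzinfo=timezone.utc),
                          37.7749, -122.4194, "phone-fp-0c21", "198.51.100.4")
# London one hour after the San Francisco login: ~8,600 km in 60 minutes.
FROM_LONDON = LoginAttempt("alice", datetime(2020, 12, 15, 10, 2, tzinfo=timezone.utc),
                           51.5074, -0.1278, "laptop-fp-7f3a", "198.51.100.77")
BAD_IP_ONLY = LoginAttempt("alice", datetime(2020, 12, 16, 9, 5, tzinfo=timezone.utc),
                           37.7749, -122.4194, "laptop-fp-7f3a", "203.0.113.9")
BAD_IP_NEW_DEVICE = LoginAttempt("alice", datetime(2020, 12, 16, 9, 5, tzinfo=timezone.utc),
                                 37.7749, -122.4194, "phone-fp-0c21", "203.0.113.9")

if __name__ == "__main__":
    for name, a in [("routine", ROUTINE), ("new device", NEW_DEVICE),
                    ("from London", FROM_LONDON), ("bad IP only", BAD_IP_ONLY),
                    ("bad IP + new device", BAD_IP_NEW_DEVICE)]:
        print(f"{name:22s} score={risk_score(a):.2f} mfa={requires_mfa(a)}")
```

With these assumed weights a known device on a low-reputation IP scores 0.3 and logs in without a prompt, while the same IP from an unknown device scores 0.8 and is stepped up; that is the trade-off the release leaves to developers when it says they choose how much weight each signal gets. In production the last-login record and the accepted-device set are updated only after the second factor succeeds, otherwise an attacker’s first login becomes the baseline for the next one.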

Many companies are reluctant to implement MFA—proven to be an effective defense against account hacking attacks—out of fear of negatively impacting user experience and thus their conversion and retention performance. However, additional friction during the signup, login, or checkout experiences can affect user conversion/retention,…

Source…

Microsoft Urges Firms to Hang Up on Phone-Based MFA


Microsoft has urged organizations to move away from voice and SMS-based multi-factor authentication (MFA), arguing that systems relying on phone networks are increasingly limited, inflexible and insecure.

Director of identity security Alex Weinert explained that, while MFA is essential to protecting users’ accounts, every mechanism used to exploit credentials, including phishing, account takeover and theft of one-time passwords, can be carried out against codes delivered over the public switched telephone network (PSTN).

SMS and voice are also exposed to problems of their own, because both protocols were designed without encryption.

“From a practical usability perspective, we can’t overlay encryption onto these protocols because users would be unable to read them. What this means is that signals can be intercepted by anyone who can get access to the switching network or within the radio range of a device,” Weinert continued.

“An attacker can deploy a software-defined-radio to intercept messages, or a nearby FEMTO, or use an SS7 intercept service to eavesdrop on the phone traffic. This is a substantial and unique vulnerability in PSTN systems that is available to determined attackers.”

Social engineering attacks on mobile operators’ customer support agents are another route to compromise, leading to SIM swapping, call forwarding and message interception attacks, he added.

In March, Europol announced the arrest of two dozen individuals suspected of stealing millions via SIM swapping (mobile account hijacking).

Because of mobile operator performance issues and frequently changing regulations, downtime is not uncommon, and it can be hard for the MFA provider to warn the user when delivery is failing.

Fundamentally, the SMS and voice formats are not adaptable, so new security improvements cannot be layered on top of them. That is why Weinert recommended app-based authenticators such as Microsoft Authenticator, Google Authenticator or LastPass Authenticator, which use encrypted channels rather than the PSTN.
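What those authenticator apps, and the alternate TOTP capability in the JumpCloud Protect item above, actually compute is RFC 4226 HOTP driven by a time counter (RFC 6238 TOTP). The Python below is an added example, not code from JumpCloud, Microsoft or any of the apps named: the shared secret and the timestamps are the RFCs’ published test vectors, while the issuer and account labels, the one-step drift window and the replay check are assumptions of this example.

```python
"""RFC 4226 HOTP / RFC 6238 TOTP generation and verification.

Added example, not JumpCloud's, Microsoft's or any authenticator app's code.
The shared secret and timestamps are the RFC test vectors; the issuer/account
labels, the +/-1 step drift window and the replay check are assumptions.
"""
import base64
import hashlib
import hmac
import struct
from urllib.parse import quote

# RFC 4226 / RFC 6238 SHA-1 test secret (ASCII "12345678901234567890").
RFC_SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-based one-time password: HMAC-SHA1 over the 8-byte big-endian
    counter, dynamic truncation, then modulo 10^digits, zero-padded."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % (10 ** digits)).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """Time-based OTP: HOTP with counter = floor(unix_time / step)."""
    return hotp(secret, unix_time // step, digits)


def verify_totp(secret: bytes, code: str, unix_time: int, *, step: int = 30,
                digits: int = 6, window: int = 1, last_counter: int = -1):
    """Return the time-step counter the code matched, or None.

    Accepts +/-window steps of clock drift, compares in constant time, and
    refuses any counter <= last_counter so a code cannot be replayed inside
    the window (the caller persists the returned counter per user)."""
    now = unix_time // step
    for k in range(-window, window + 1):
        candidate = now + k
        if candidate <= last_counter:
            continue
        if hmac.compare_digest(hotp(secret, candidate, digits), code):
            return candidate
    return None


def provisioning_uri(issuer: str, account: str, secret: bytes,
                     digits: int = 6, step: int = 30) -> str:
    """otpauth:// URI that authenticator apps read from an enrolment QR code.
    The secret is base32 without padding, as the apps expect."""
    b32 = base64.b32encode(secret).decode("ascii").rstrip("=")
    label = quote(f"{issuer}:{account}")
    return (f"otpauth://totp/{label}?secret={b32}&issuer={quote(issuer)}"
            f"&algorithm=SHA1&digits={digits}&period={step}")


if __name__ == "__main__":
    import time
    now = int(time.time())
    # Hypothetical issuer and account, used only for the enrolment URI.
    print("enrol:", provisioning_uri("ExampleCorp", "alice@example.com", RFC_SECRET))
    code = totp(RFC_SECRET, now)
    print("code now:", code, "-> matched counter", verify_totp(RFC_SECRET, code, now))
```

The point Weinert makes is visible in the data flow: after enrolment the secret lives on the device and the server, and each code is derived locally from it and the clock, so there is nothing for an SS7 intercept, a femtocell or a SIM swap to capture. The drift window and the `last_counter` check are the two server-side details that are easy to get wrong: without the window, a phone a minute slow never logs in; without the replay check, a code observed once stays valid for the rest of its window. Note that a TOTP code typed into a phishing page is still phishable in real time, so this closes the interception routes listed above, not phishing.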

Source…