Duo's Security Blog

JANUARY 8, 2021

“Turns out, people aren’t all that good at predictions,” I wrote in my 2020 article. Few could foresee the turns 2020 would take. Cyber Crime in 2020 I predicted, with money still being the top motivating factor for crime, criminals would blend techniques and technologies into new unforeseen attacks. Well, it was.

Digital transformation 77

Digital transformation Phishing Passwords Authentication 77

Security Affairs

SEPTEMBER 14, 2020

Zerologon attack allows threat actors to take over enterprise networks by exploiting the CVE-2020-1472 patched in the August 2020 Patch Tuesday. Administrators of enterprise Windows Servers have to install the August 2020 Patch Tuesday as soon as possible to protect their systems from Zerologon attack that exploits the CVE-2020-1472.

Authentication 131

Authentication Passwords Advertising Architecture 131

Security Affairs

OCTOBER 6, 2020

The Zerologon vulnerability, tracked as CVE-2020-1472 , is an elevation of privilege that resides in the Netlogon. The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers.

Authentication 136

Authentication Advertising Architecture Cyber Attacks 136

Security Affairs

OCTOBER 12, 2020

According to the Alert (AA20-283A), advanced persistent threat (APT) actors are exploiting multiple legacy vulnerabilities in combination with a the recently discovered Zerologon vulnerability (CVE-2020-1472). The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. ” reads the report.

VPN 145

VPN Government Authentication Advertising 145

Security Affairs

OCTOBER 22, 2020

The Taiwanese vendor QNAP has published an advisory to warn customers that certain versions of the operating system for its network-attached storage (NAS) devices, also known as of QTS, are affected by the Zerologon vulnerability ( CVE-2020-1472 ). The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon.

Authentication 124

Authentication Advertising Architecture Cybercrime 124

Thales Cloud Protection & Licensing

DECEMBER 17, 2020

The Key Components and Functions in a Zero Trust Architecture. Fri, 12/18/2020 - 06:43. Zero Trust architectural principles. NIST’s identity-centric architecture , I discussed the three approaches to implementing a Zero Trust architecture, as described in the NIST blueprint SP 800-207. Source: NIST SP 800-207.

Architecture 62

Architecture Authentication Accountability Engineering 62

Security Affairs

MARCH 21, 2020

A new variant of the infamous Mirai malware, tracked as Mukashi, targets Zyxel network-attached storage (NAS) devices exploiting recently patched CVE-2020-9054 issue. According to Palo Alto researchers, threat actors exploited the recently patched CVE-2020-9054 vulnerability in Zyxel NAS. The vendor advisory is also available.

DDOS 134

DDOS Authentication Advertising Firmware 134

Security Boulevard

OCTOBER 19, 2022

This report also noted that 79% of critical infrastructure organizations didn’t deploy a zero-trust architecture. IBM’s recent Cost of a Data Breach report revealed that data breaches cost companies an average of $4.35 million in 2022, up 12.7% And in Hashicorp’s 2022 State of Cloud Strategy survey, 89% of respondents said security is.

Data breaches 115

Data breaches Architecture Authentication Cybersecurity 115

Security Affairs

SEPTEMBER 20, 2020

DHS CISA issued an emergency directive to tells government agencies to address the Zerologon vulnerability (CVE-2020-1472) by Monday. The Department of Homeland Security’s CISA issued an emergency directive to order government agencies to address the Zerologon vulnerability (CVE-2020-1472) by Monday.

Authentication 110

Authentication Passwords Advertising Government 110

Security Affairs

NOVEMBER 16, 2021

In this architecture, the authorization service was properly validating user authorization to packages based on data passed in request URL paths. However, we can say with high confidence that this vulnerability has not been exploited maliciously during the timeframe for which we have available telemetry, which goes back to September 2020.”

Authentication 145

Authentication Architecture Hacking Accountability 145

The Last Watchdog

AUGUST 19, 2021

Chris Clements, VP of Solutions Architecture, Cerberus Sentinel. The attacker claims to have compromised an end-of-lifed GPRS system that was exposed to the internet and was able to pivot from it to the internal network, where they were able to launch a brute force authentication attack against internal systems.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Security Affairs

MAY 24, 2021

Below the full vulnerabilities list: CVE-2020-28903 – XSS in Nagios XI when attacker has control over fused server. CVE-2020-28905 – Nagios Fusion authenticated remote code execution (from the context of low-privileges user). CVE-2020-28910 – Nagios XI getprofile.sh and modification of proxy config.

Software 107

Software Risk Authentication Architecture 107

Security Affairs

JULY 2, 2020

The most severe flaw, tracked as CVE-2020-3297, affects Small Business and managed switches, it has been rated by Cisco as high severity. The issue tracked as CVE-2020-3431 could be exploited by tricking a user of the interface into clicking a crafted link. ” reads the advisory published by the company.

Small Business 115

Small Business Engineering Authentication Architecture 115

The Last Watchdog

MARCH 31, 2021

One of the most concerning cybersecurity trends this year is closely connected to 2020. Additional authentication is also needed in case potential complications are indicated. One proven way to overcome these kinds of attacks is by implementing zero trust architecture. Targeting remote workers. All too many vectors.

Cybersecurity 149

Cybersecurity Architecture Authentication Malware 149

The Last Watchdog

JUNE 6, 2022

Based in Morrisville, NC, JupiterOne launched in 2020 and last week announced that it has achieved a $1 billion valuation, with a $70 million Series C funding round. However, you have an external-facing workload that has an authentication policy giving it API level access.

Network Security 262

Network Security Cloud Migration Digital transformation Technology 262

SC Magazine

FEBRUARY 17, 2021

It’s encouraging to see that enterprises understand that zero-trust architectures present one of the most effective ways of providing secure access to business resources,” said Chris Hines, director, zero-trust solutions, at Zscaler.

VPN 135

VPN Social Engineering Authentication Architecture 135

Security Affairs

APRIL 21, 2024

The cybersecurity researchers observed threat actors obtaining initial access to organizations through a virtual private network (VPN) service without multifactor authentication (MFA) configured. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware 140

Ransomware Encryption Antivirus VPN 140

SecureList

MAY 23, 2022

In early 2020, we notified the Rockwell Automation Product Security Incident Response Team ( RA PSIRT ) of several vulnerabilities we had identified in the ISaGRAF Runtime execution environment. Since authentication data is encrypted with a preset symmetric key, the attacker could decrypt an intercepted target (device) password.

Passwords 110

Passwords Authentication Architecture Encryption 110

IT Security Guru

SEPTEMBER 7, 2022

Per a recent report from Q4 2020 to Q4 2021 , the average number of APIs per company increased by 221% in 12 months and that API attack traffic grew by 681% while overall API traffic grew by 321%. Microservices Architecture has Created a Security Blind Spot. Two-factor authentication helps add a layer of security to your API.

DDOS 131

DDOS Authentication Architecture Social Engineering 131

SecureList

OCTOBER 15, 2024

Specifically, they collect: Current username; Processor names and number of cores; Physical disk name and size; The values of the TotalVirtualMemorySize and TotalVisibleMemorySize properties; Current hostname; Local IP address; Installed OS; Architecture. Some infection routines do not check the architecture. org/735e3a_download?

Malware 143

Malware Encryption Architecture Phishing 143

Duo's Security Blog

JULY 19, 2021

The project is a major re-architecture and redesign of the Duo multi-factor authentication experience. Even today, according to Verizon’s 2020 Data Breach Report , 37% of credential theft breaches use stolen or weak credentials. However, it was not explicitly designed to support/enable authentication. This is a big no-no!

Authentication 130

Authentication Passwords Banking Architecture 130

SecureList

SEPTEMBER 29, 2022

In 2020, CVE-2020-28212 , a vulnerability affecting this software, was reported, which could be exploited by a remote unauthorized attacker to gain control of a PLC with the privileges of an operator already authenticated on the controller. UMAS is based on a client-server architecture. Object of research.

Firmware 107

Firmware Passwords Authentication Engineering 107

SecureList

JANUARY 6, 2025

0x22 (34) Adjust the security (DACL) for the user groups LOCAL SYSTEM, AUTHENTICATED USERS, DOMAIN ADMINISTRATOR and DOMAIN USER to grant access to specified file or directory. This memory-resident architecture enhances its stealth capabilities, helping it evade detection by traditional endpoint security solutions. 103 and 185.82.217[.]164

Malware 140

Malware Architecture Passwords Accountability 140

CyberSecurity Insiders

FEBRUARY 12, 2021

T he importance of having robust data security and authentication processes has never been higher. In response , t he Secredas Project, part of Horizon 2020 , has been developed as a consortium of 70 partners focused on the advancement of cybersecurity and safe technology for connected and automated vehicles.

IoT 84

IoT Architecture Authentication Technology 84

Security Affairs

OCTOBER 6, 2020

Using a WordPress flaw (File-Manager plugin–CVE-2020-25213) to leverage Zerologon (CVE-2020-1472) and attack companies’ Domain Controllers. Recently, a critical vulnerability called Zerologon – CVE-2020-1472 – has become a trending subject around the globe. w4fz5uck5) September 8, 2020. Figure 2: PoC – CVE-2020-25213.

Social Engineering 105

Social Engineering Passwords Advertising Accountability 105

SecureWorld News

APRIL 15, 2022

Open Platform Communications Unified Architecture (OPC UA) servers. The advisory also provides some technical details of the threat actors and their tools: "The APT actors' tools have a modular architecture and enable cyber actors to conduct highly automated exploits against targeted devices. OMRON Sysmac NEX PLCs.

Architecture 98

Architecture Passwords Authentication Cybersecurity 98

SecureWorld News

SEPTEMBER 18, 2024

2020): The sandwich chain's U.K. In my view, implementing a segmented zero-trust architecture can help isolate external data from internal corporate data, mitigating the risk of cross-contamination," Schultz continued. Subway U.K. customers were targeted by a phishing campaign after a suspected data breach.

Cybersecurity 117

Cybersecurity Data breaches Accountability Passwords 117

eSecurity Planet

JANUARY 27, 2022

It also includes advanced features such as SAML-based single sign-on (SSO) and the company's security architecture has never been hacked. A static single sign-on (SSO) or multi-factor authentication (MFA) product isn’t going to cut it at the enterprise level, where the cost of a breach is high. Learn more about Dashlane.

Authentication 132

Authentication Artificial Intelligence Technology Marketing 132

Cisco Security

JUNE 2, 2022

So full, in fact, that the entire SASE vendor market grew 37% in just a year between 2020 and 2021. SASE is the evolution of networking and security – an architecture that converges them into a single, cloud delivered service. The SASE landscape is full of vendors. It’s clear that SASE is on the top of everyone’s minds.

Marketing 103

Marketing Architecture Internet Internet 103

eSecurity Planet

MAY 19, 2022

Already a leading SD-WAN pick, the HPE subsidiary boosted its market position with acquisitions of security vendor Cape Networks in 2018 and WAN specialist Silver Peak Systems in 2020. infographic from Cisco laying out its SD-WAN architecture. Features: Barracuda CloudGen Firewall and Secure SD-WAN. Open Systems.

Firewall 121

Firewall Architecture Encryption Network Security 121

CyberSecurity Insiders

NOVEMBER 11, 2021

However, there is a difference between the Mirai malware and the new malware variants using Go, including differences in the language in which it is written and the malware architectures. Example 1: main_infectFunctionGponFiber function, exploits CVE-2020-8958. Example 2: Function exploiting vulnerability CVE-2020-10173.

Malware 85

Malware IoT Firmware Authentication 85

Thales Cloud Protection & Licensing

APRIL 20, 2021

Organizations suffered an unprecedented number of cyberattacks in 2020. The FBI’s Cyber Division received as many as 4,000 complaints of digital attacks a day in H1 2020, reported by The Hill. These are foundational principles to design next generation security architectures. According to the U.S.

Mobile 71

Mobile Architecture Data breaches Authentication 71

Security Affairs

APRIL 14, 2022

“The APT actors’ tools have a modular architecture and enable cyber actors to conduct highly automated exploits against targeted devices. . “The APT actors’ tools have a modular architecture and enable cyber actors to conduct highly automated exploits against targeted devices.

Passwords 139

Passwords Backups Architecture Cyber Attacks 139

Security Boulevard

SEPTEMBER 30, 2022

A key principle of a Zero Trust architecture, as defined in NIST SP 800-207 , is that no network is implicitly trusted. Hence, all network traffic “must be encrypted and authenticated as soon as practicable.” This includes traffic between devices, containers, APIs and other cloud workloads. In fact, bot traffic made up 42.3%

IoT 111

IoT Authentication Encryption Architecture 111

Krebs on Security

SEPTEMBER 5, 2023

“The threat actor was able to capture the employee’s master password as it was entered, after the employee authenticated with MFA, and gain access to the DevOps engineer’s LastPass corporate vault.” The vulnerability exploited by the intruders was patched back in 2020, but the employee never updated his Plex software.

Cryptocurrency 362

Cryptocurrency Passwords Encryption Accountability 362

CyberSecurity Insiders

JANUARY 26, 2022

The Mirai botnet targets mostly routers and IoT devices, and it supports different architectures including Linux x64, different ARM versions, MIPS, PowerPC, and more. Figure 4 shows the implementation of CVE-2020-10987. Figure 5 shows the implementation of CVE-2020-10173. SURICATA IDS SIGNATURES. SURICATA IDS SIGNATURES.

Malware 81

Malware IoT Authentication Antivirus 81

Cisco Security

JUNE 30, 2022

Hybrid work is here to stay, hybrid and complex architectures will continue to be a reality for most organizations and that has dramatically expanded the threat surface. In fact, 86 percent of global consumers were victims of identity theft, credit/debit card fraud, or a data breach in 2020. Securing the future is good business.

Digital transformation 145

Digital transformation Data privacy Identity Theft Data breaches 145