Duo's Security Blog

MAY 23, 2024

When reading the title of this blog, you might be wondering to yourself why RADIUS is being highlighted as a subject — especially amidst all of the advancements of modern authentication we see taking place recently. It is commonly used for network access into VPNs, wireless access points, and other devices (more on this later).

Authentication 99

Authentication Wireless Passwords Encryption 99

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x, modification – GIFTEDVISITOR” section of Volexity’s recent blog post. x and Ivanti Policy Secure.

VPN 111

VPN Authentication Small Business Telecommunications 111

Duo's Security Blog

MAY 6, 2024

The security industry has diligently battled compromised credentials, evolving from passwords to multifactor authentication (MFA) to passwordless — our most secure and phishing-resistant method to date — and one that is fully supported in Duo. This means there are serious holes in our authentication armor today.

Authentication 95

Authentication Accountability VPN Phishing 95

Security Affairs

MAY 25, 2023

Zyxel fixed two critical flaws in multiple firewall and VPN products that can lead to remote code execution or cause a DoS condition. Zyxel addressed two critical buffer overflow vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010 , that affect several of its firewall and VPN products. Patch 2 VPN ZLD V4.30

Firewall 98

Firewall VPN Authentication Hacking 98

Duo's Security Blog

JUNE 22, 2022

Nevertheless, VPN-less solutions are gaining momentum due to their benefits over traditional VPNs. However, adoption of a VPN-less secure remote access solution varies by industry, an organization’s knowledge, skills, and comfort level with configuring and managing the solution, and cultural factors including executive buy-in.

VPN 86

VPN Architecture Authentication Cyber threats 86

IT Security Guru

MAY 5, 2022

So, the same username or email address may be tied to a personal banking account or even a corporate/work system with intellectual property, VPN access, or even an Active Directory credential.? . . There are many good ones on the market but be sure to protect this personal password vault with multifactor authentication.?

Passwords 99

Passwords Authentication Password Management Accountability 99

Security Affairs

NOVEMBER 27, 2020

The global impact of the Fortinet 50.000 VPN leak posted online, with many countries impacted, including Portugal. A compilation of one-line exploit tracked as CVE-2018-13379 and that could be used to steal VPN credentials from nearly 50.000 Fortinet VPN devices has posted online. Affected Products FortiOS 6.0 – 6.0.0

VPN 145

VPN Banking Passwords Malware 145

Duo's Security Blog

DECEMBER 21, 2021

The Remote Desktop Protocol (RDP) feature for the Duo Network Gateway prompts users to authenticate only when necessary, instead of first having them try and fail, forcing them to try again after logging into the company’s virtual private network (VPN). Otherwise, the DNG stays out of the way.

VPN 80

VPN Authentication DNS Architecture 80

Security Boulevard

APRIL 27, 2022

Risky Behavior: VPN Providers Installing Root Certificates Without User Consent. Some VPN apps automatically install self-signed trusted root certificates without informed user consent, says cybersecurity research firm AppEsteem. “We brooke.crothers. Wed, 04/27/2022 - 16:21. And this can lead to security holes. Users not informed.

VPN 52

VPN Encryption Risk Authentication 52

Security Affairs

APRIL 28, 2023

through 4.73, VPN series firmware versions 4.60 The company also fixed a high-severity post-authentication command injection issue ( CVE-2023-27991 , CVSS score: 8.8) through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, USG20(W)-VPN firmware versions 4.16

Firewall 98

Firewall Firmware VPN Authentication 98

Duo's Security Blog

MAY 30, 2024

If successful, the bad actor register malicious devices on the student’s account for continued access to the student’s account and the university’s VPN. Duo Data Scientist, Becca Lynch, wrote about these attacks in the blog, Identity Threat Trends for Higher Education. That’s phishy.

Education 114

Education Cyber threats Authentication Threat Detection 114

Krebs on Security

NOVEMBER 21, 2020

. “A domain hosting provider ‘GoDaddy’ that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor,” Liquid CEO Kayamori said in a blog post. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times.

Cryptocurrency 363

Cryptocurrency VPN Scams Social Engineering 363

Webroot

OCTOBER 17, 2024

Turn on multifactor authentication: Add multi-factor authentication to your logins for extra security. Use a VPN: A VPN (virtual private network) protects your online identity and information. Make them complex and unique, incorporating letters, numbers and symbols.

VPN 100

VPN Identity Theft Passwords Scams 100

Heimadal Security

OCTOBER 14, 2022

MFA, or multi-factor authentication, is a security technique that requires users to verify their identities by offering multiple forms of identification before being granted access to a resource such as an application, online account, website, or VPN. appeared first on Heimdal Security Blog.

VPN 93

VPN Authentication Passwords Accountability 93

Security Affairs

MAY 26, 2022

CVE-2022-26531 : Multiple improper input validation flaws were identified in some CLI commands of some firewall, AP controller, and AP versions that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload. To nominate, please visit:?. Follow me on Twitter: @securityaffairs and Facebook.

Firewall 138

Firewall VPN Authentication Cyber Attacks 138

Heimadal Security

SEPTEMBER 13, 2022

The American technology giant, Cisco, confirmed that the data leaked by Yanluowang ransomware gang on September 11, 2022, is authentic. The company’s network has been breached through the VPN account of an employee. The post Yanluowang Ransomware Gang Leaked Cisco Stolen Data appeared first on Heimdal Security Blog.

Ransomware 90

Ransomware VPN Authentication Technology 90

Duo's Security Blog

APRIL 7, 2021

Those wonderful words of ‘Denied Access’ appear in your browser; you need to connect to the corporate VPN to access your pay stub. If you are like me, you sigh, and put your machine to sleep because the workflow for your VPN requires far too much effort for something that should be a simple and quick process.

VPN 56

VPN Password Management Authentication Architecture 56

Duo's Security Blog

JANUARY 27, 2022

Not all multi-factor authentication (MFA) solutions are equal. For a two-factor authentication solution, that may include hidden costs, such as upfront, capital, licensing, support, maintenance, and operating costs. Estimate and plan for how much it will cost to deploy multi-factor authentication to all of your apps and users.

Authentication 81

Authentication Software Mobile Passwords 81

Troy Hunt

APRIL 6, 2020

That email would have been a reply to one you originally sent to me that would have sounded something like this: Hi, I came across your blog on [thing] and I must admit, it was really nicely written. I also have an article on [thing] and I think it would be a great addition to your blog. On a popular blog. Just the title.

Advertising 291

Advertising Internet Internet VPN 291

eSecurity Planet

JUNE 3, 2024

May 28, 2024 Check Point VPN Zero-Day Vulnerability Requires Hotfix Type of attack: Information disclosure zero-day. The problem: Recently discovered zero-day CVE-2024-24919 affects Check Point virtual private network (VPN) products. FortiSIEM Vulnerability Allows Remote Code Injection Type of vulnerability: Remote code injection.

VPN 109

VPN Authentication Passwords Software 109

Malwarebytes

AUGUST 28, 2023

The Cisco Product Security Incident Response Team (PSIRT) has posted a blog about Akira ransomware targeting VPNs without Multi-Factor Authentication (MFA). The Cisco team states that it is aware of reports of the Akira ransomware group going specifically after Cisco VPNs that are not configured for MFA.

Ransomware 88

Ransomware VPN Passwords Backups 88

eSecurity Planet

MARCH 11, 2024

March 4, 2024 JetBrains Server Issues Continue with New Vulnerabilities Type of vulnerability: Authentication bypass. The problem: Two authentication bypass vulnerabilities, CVE-2024-27198 and CVE-2024-27199 , allow unauthenticated attackers to exploit JetBrains TeamCity servers. The fix: Deploy JetBrains TeamCity version 2023.11.4

Authentication 109

Authentication Software VPN Security Defenses 109

eSecurity Planet

OCTOBER 28, 2024

The attacker must be authenticated and have Site Owner permissions to conduct the attack, but with those, they could inject and execute arbitrary code in SharePoint Server contexts. The problem: Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) both have a vulnerability in their Remote Access VPN service.

Phishing 102

Phishing Authentication VPN Software 102

LRQA Nettitude Labs

MARCH 27, 2024

Direct access to the corporate network through a Virtual Private Network (VPN) or graphical access to a Virtual Desktop Infrastructure (VDI) host is unusual, meaning that in order to interact with internal corporate websites, operators must tunnel traffic from their systems to the internal network, through the in-memory implant.

Authentication 91

Authentication Passwords VPN Accountability 91

Security Affairs

APRIL 24, 2023

“With this level of detail, impersonating network or internal hosts would be far simpler for an attacker, especially since the devices often contain VPN credentials or other easily cracked authentication tokens.” ” concludes the report.

Hacking 98

Hacking VPN Marketing Authentication 98

Webroot

OCTOBER 1, 2024

Turn on multi-factor authentication Using multi-factor authentication adds a layer of security to your passwords by having you prove your identity in multiple ways. Authentic company emails do not usually come from addresses like @gmail.com. noreply@yourbank.com.)

Security Awareness 85

Security Awareness Backups Passwords Password Management 85

eSecurity Planet

SEPTEMBER 5, 2023

Unpatched devices can give attackers privileged access to networks, particularly those set up as VPN virtual servers, ICA proxies, RDP proxies, or AAA servers. It is suspected that the Akira ransomware organization used an undisclosed weakness in Cisco VPN software to evade authentication.

VPN 104

VPN Authentication Ransomware Antivirus 104

Krebs on Security

OCTOBER 21, 2019

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.

Accountability 134

Accountability VPN Software Antivirus 134

Duo's Security Blog

MAY 13, 2024

Secure authentication isn’t fun, but you put up with it as part of your day because you know it’s keeping you safer. That’s why we’re so excited to bring to market Duo Passport — a new capability that drives secure, seamless access to all the permitted applications with just one interactive authentication.

Authentication 116

Authentication VPN Healthcare Risk 116

Security Affairs

MAY 4, 2023

The threat actors allegedly obtained access to Ukraine’s public networks by using compromised VPN credentials. ” CERT-UA urges Ukrainian critical organizations using multi-factor authentication for VPN accounts, network segmentation and filtering of incoming, outgoing and inter-segment information flows.

VPN 98

VPN Education Accountability Cyber Attacks 98

Webroot

AUGUST 6, 2024

They must now address topics about academic integrity and the authenticity of student work in the context of AI’s influence. Likewise, by promoting a culture of authenticity and integrity, schools can ensure that AI serves as a valuable educational tool rather than a shortcut for students.

Education 91

Education Identity Theft Artificial Intelligence Technology 91

eSecurity Planet

FEBRUARY 12, 2024

February 5, 2024 JetBrains TeamCity Saga Continues with Another Server Vulnerability Type of vulnerability: Authentication bypass by an unauthenticated attacker. Orca Security published a blog post about the vulnerabilities — its researchers discovered and reported the issues in Fall 2023, and Microsoft quickly patched them.

VPN 109

VPN Authentication Software Firewall 109

Webroot

APRIL 2, 2024

It underscores the necessity for robust password policies and advanced security measures like Multi-Factor Authentication (MFA) and encryption methods resilient against GPU-powered attacks. VPN Usage: Restrict RDP access to users connected through a Virtual Private Network (VPN) , reducing the exposure of RDP to the open internet.

Cybersecurity 92

Cybersecurity Passwords VPN Authentication 92

Krebs on Security

APRIL 6, 2022

Microsoft blogged about its attack at the hands of LAPSUS$, and about the group targeting its customers. “They would just keep jamming a few individuals to get [remote] access, read some onboarding documents, enroll a new 2FA [two-factor authentication method] and exfiltrate code or secrets, like a smash-and-grab,” the CXO said.

Social Engineering 256

Social Engineering Phishing Engineering Accountability 256

Krebs on Security

MARCH 23, 2022

In a blog post published Mar. For a fee, the willing accomplice must provide their credentials and approve the MFA prompt or have the user install AnyDesk or other remote management software on a corporate workstation allowing the actor to take control of an authenticated system.

Social Engineering 304

Social Engineering Accountability Mobile Passwords 304

Javvad Malik

NOVEMBER 11, 2021

Cloud usage has increased, we’ve seen VPN’s crop up everywhere, and the shiny hotness that is MFA (multi factor authentication). At the beginning of lockdown, we saw phishing emails which claimed to be from IT asking unwitting staff to download the latest VPN. Spoiler alert, it wasn’t a VPN.

VPN 100

VPN Authentication Passwords Scams 100

Cisco Security

MARCH 27, 2021

Read more about DoH in this blog by my colleague Nancy Cam-Winget. But unlike enterprise cloud services, which authenticate users before letting them in, DoH doesn’t have a gatekeeper. In this blog I’ll explain the need and how we see it working. The difference: with VPNs, most enterprise traffic goes through a single tunnel.

DNS 105

DNS VPN Advertising Encryption 105