Authentication, InfoSec and VPN - Cyber Security Informer

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

The directive applies to any networking devices — such as firewalls, routers and load balancers — that allow remote authentication or administration. The researchers found that just being able to reach the management interface for a vulnerable Fortinet SSL VPN appliance was enough to completely compromise the devices.

Risk

Risk VPN Internet Internet

Cisco was hacked by the Yanluowang ransomware gang

Security Affairs

AUGUST 10, 2022

Upon achieving an MFA push acceptance, the attacker had access to the VPN in the context of the targeted user. “Initial access to the Cisco VPN was achieved via the successful compromise of a Cisco employee’s personal Google account. ” reads the analysis published by Cisco Talos.

Ransomware

Ransomware Hacking VPN Phishing

The CPRA: What You Should Know as an InfoSec Professional

SecureWorld News

DECEMBER 1, 2022

Training for employees (awareness). Privacy training, specifically. Well documented policies and standards for employees (data handling).

InfoSec

InfoSec Cyber Insurance Consumer Protection Insurance

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Duo's Security Blog

OCTOBER 6, 2023

Threat actors have dramatically escalated their attacks – targeting security controls like multi-factor authentication (MFA), conducting wily social engineering attacks and extorting businesses large and small with ransomware. Since then, teams have had years to adjust to this new reality, yet the attackers have as well.

Authentication

Authentication Risk Social Engineering InfoSec

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

ransomfeed #security #infosec #energychina pic.twitter.com/deRRximVPd — Ransomfeed (@ransomfeed) November 25, 2023 The China Energy Engineering Corporation (CEEC) is a state-owned company in China that operates in the energy and infrastructure sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence.

Ransomware

Ransomware Hacking Engineering Manufacturing

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Cisco Security

AUGUST 26, 2021

We constantly see new threats, and threat vectors, come and go; which puts a tremendous strain on the InfoSec teams that have to protect organizations and businesses from these threats. CyberArk reduces VPN risk with MFA enforcement on any VPN client that supports RADIUS; including Cisco Secure Firewall. Read more here.

Technology

Technology Firewall VPN Authentication

DNA testing company fined after customer data theft

Malwarebytes

FEBRUARY 22, 2023

According to the investigation, an attacker logged into the old VPN (virtual private network) that DDC used before migrating to a new one using a compromised employee account. The infosec program must be developed and implemented within 180 days (six months).

Penetration Testing

Penetration Testing InfoSec Accountability Authentication

Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture

Troy Hunt

JANUARY 10, 2018

Blocking legitimate users is part of that problem, blocking users wanting to protect their traffic with a VPN is another: This has been there for the past year now. They also blacklist vpn IP addresses. But getting onto the title of this section, the page in question is the E-Aadhaar authentication page (also geo-blocked).

Hacking

Hacking Government Encryption Risk

Protect IT—A Combination of Security Culture and Cyber Hygiene Good Practices

Thales Cloud Protection & Licensing

OCTOBER 24, 2019

That includes setting up a VPN through which remote employees can access work assets. Infosec personnel should also help employees store those passwords safely such as via the use of a password manager. Implement Multi-Factor Authentication. Proper Cyber Hygiene for Employees and Security Teams. Just the Beginning….

Security Awareness

Security Awareness InfoSec Passwords Accountability

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

They then made a second call to another help desk employee, convincing them to reset the multifactor authentication (MFA) controls on the CFO’s account. Exploiting VPN and ESXi for Undercover Operations At this stage of the attack, visibility was lost as unmanaged devices were used. 60, gaining access to the on-premises environment.

Social Engineering

Social Engineering Engineering Accountability Backups

RCE vulnerability in OpenSSH – RegreSSHion (CVE-2024-6387)

Pen Test Partners

JULY 1, 2024

There has been a lot of talk on various infosec news feeds about the RegreSSHion vulnerability. Numerous limiting factors may be applied and should be considered such as Access Control Lists (ACL) or Virtual Private Networks (VPN). The flaw results from importer input validation in OpenSSH’s handling of SSH connections.

InfoSec

InfoSec Authentication VPN Firewall

RSA Conference 2021: Resilience

Duo's Security Blog

APRIL 5, 2021

In this talk, Brad will discuss how Cisco’s Zero Trust rollout was not only a logistical challenge with 100,000 global users and a complex mix of cloud and on-premises applications, but also a huge shift in how the company itself thought about networks, perimeters, and security (including reducing its own VPN usage).

CISO

CISO InfoSec Financial Services Marketing

I’d TAP That Pass

Security Boulevard

MARCH 29, 2023

Read First: Configure a Temporary Access Pass in Azure AD to register Passwordless authentication methods - Microsoft Entra Microsoft identity platform and OAuth2.0 On our red team engagements and penetration tests, conditional access policies (CAP) often hinder our ability to directly authenticate as a target user.

Authentication

Authentication VPN Passwords Social Engineering

Water utility CISO offers tips to stay secure as IT and OT converge

SC Magazine

APRIL 26, 2021

From an economics point of view, solutions that can be simultaneously implemented across both IT and OT environments – such as secure-access platforms with two-factor or multi-factor authentication – is a good place for a utility to start, she added, speaking in an online webinar organized by Cisco Systems.

CISO

CISO IoT VPN InfoSec

Verizon 2025 DBIR: Tenable Research Collaboration Shines a Spotlight on CVE Remediation Trends

Security Boulevard

APRIL 22, 2025

This represents a 34% increase over last years report and is driven in part by the zero-day exploitation of VPN and edge device vulnerabilities asset classes that traditional endpoint detection and response (EDR) vendors struggle to assess effectively. CVE-2024-47575 FortiManager Missing Authentication in fgfmsd Vulnerability (FortiJump) 9.8

Energy and Utilities

Energy and Utilities Authentication Data breaches VPN

Threats to ICS and industrial enterprises in 2022

SecureList

NOVEMBER 23, 2021

Further evolution of cyberthreats as a response to infosec tools and measures. For instance, we see a new trend emerging in the criminal ecosystem of spyware-based authentication data theft, with each individual attack being directed at a very small number of targets (from single digits to several dozen).

Spyware

Spyware Phishing Cybercrime Energy and Utilities

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

They then made a second call to another help desk employee, convincing them to reset the multifactor authentication (MFA) controls on the CFO’s account. Exploiting VPN and ESXi for Undercover Operations At this stage of the attack, visibility was lost as unmanaged devices were used. 60, gaining access to the on-premises environment.

Social Engineering

Social Engineering Engineering Accountability Backups

Securing work-at-home apps

Errata Security

MAY 19, 2020

They are already involved in securing the server side, the work-at-home desktop, the VPN, and all the other network essentials. If there's one thing that the entire cybersecurity industry is agreed about (other than hating the term cybersecurity, preferring "infosec" instead) is that you need this vulnerability disclosure program.

Engineering

Engineering VPN Encryption Marketing

Cisco’s CISO of the Month – Esmond Kane

Cisco Security

JUNE 25, 2021

First of all, while I am honoured and deeply thankful for the recognition, I believe strongly that Security is a team effort and I must acknowledge the superb InfoSec team in Steward but also the Steward workforce. Read on to learn about his journey and how he leads his team: What were you doing when you got your first taste of cybersecurity?

CISO

CISO Healthcare InfoSec Computers and Electronics

Cyber Security Informer

CISA Order Highlights Persistent Risk at Network Edge

Cisco was hacked by the Yanluowang ransomware gang

Webinars

Trending Sources

The CPRA: What You Should Know as an InfoSec Professional

Webinars

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Rhysida ransomware gang claimed China Energy hack

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

DNA testing company fined after customer data theft

Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture

Protect IT—A Combination of Security Culture and Cyber Hygiene Good Practices

Scattered Spider x RansomHub: A New Partnership

RCE vulnerability in OpenSSH – RegreSSHion (CVE-2024-6387)

RSA Conference 2021: Resilience

I’d TAP That Pass

Water utility CISO offers tips to stay secure as IT and OT converge

Verizon 2025 DBIR: Tenable Research Collaboration Shines a Spotlight on CVE Remediation Trends

Threats to ICS and industrial enterprises in 2022

Scattered Spider x RansomHub: A New Partnership

Securing work-at-home apps

Cisco’s CISO of the Month – Esmond Kane

Stay Connected