Authentication, VPN and Webinar - Cyber Security Informer

Authentication Alone Is Failing: Introducing Continuous Identity Security

Duo's Security Blog

MAY 6, 2024

The security industry has diligently battled compromised credentials, evolving from passwords to multifactor authentication (MFA) to passwordless — our most secure and phishing-resistant method to date — and one that is fully supported in Duo. This means there are serious holes in our authentication armor today.

Authentication

Authentication Accountability VPN Phishing

WHEN IS CYBERSECURITY IS WEEK

Hacker's King

OCTOBER 26, 2024

Activities during this week include engaging workshops, informative webinars, and community events, all designed to empower individuals with the knowledge and skills necessary to navigate today’s cyber threats effectively. Use a virtual private network (VPN) when accessing sensitive information on public networks.

Cybersecurity

Cybersecurity Cyber threats Education Passwords

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Duo's Security Blog

OCTOBER 6, 2023

Threat actors have dramatically escalated their attacks – targeting security controls like multi-factor authentication (MFA), conducting wily social engineering attacks and extorting businesses large and small with ransomware. Since then, teams have had years to adjust to this new reality, yet the attackers have as well.

Authentication

Authentication Risk Social Engineering InfoSec

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Australia Stresses Cybersecurity Precautions in Wake of Ukraine Conflict

Duo's Security Blog

MARCH 9, 2022

Together these practices — which include multi-factor authentication (MFA), restricting administrative privileges and daily backups — provide a clear framework for businesses anywhere that are looking to improve their foundational security footing , as we’ve previously noted on the Duo Blog.

Cybersecurity

Cybersecurity Passwords Authentication VPN

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Cisco Security

AUGUST 26, 2021

CyberArk reduces VPN risk with MFA enforcement on any VPN client that supports RADIUS; including Cisco Secure Firewall. Active Lock protects individual files by requiring step-up authentication until the threat is cleared. There are many options for step-up authentication, including Cisco Duo OTP and push notifications.

Technology

Technology Firewall VPN Authentication

Passwords vs. Passkeys: The State of Passkeys on User Endpoints

Duo's Security Blog

SEPTEMBER 4, 2023

In our recent passkey blog series , we’ve been unpacking the difference between new passkey technology and more conventional password security in light of some of the most critical authentication scenarios. They can also be used on other devices through QR code-based “hybrid” authentication.

Passwords

Passwords Authentication Accountability Password Management

Intro to Phishing: How Dangerous Is Phishing in 2023?

Duo's Security Blog

APRIL 20, 2023

A major leading research and teaching institution, the University was looking for a multi-factor authentication (MFA) solution that could integrate with existing IT architecture and be rolled out easily across campus. Duo’s enrollment and authentication processes made it easy for even the most anti-tech users to get up and running with MFA.

Phishing

Phishing Social Engineering Authentication Engineering

Keeper vs Dashlane: Which Should You Use in 2024?

eSecurity Planet

JUNE 21, 2024

5 Keeper, a low-cost password manager, highlights security with strong end-to-end encryption and authentication. Passwordless authentication: Accepts third-party passwordless authentication like QR codes, mobile authenticator apps, one-time passwords, and more. 5 Security: 4.6/5 5 Pricing: 3.6/5 5 Customer support: 3.9/5

Password Management

Password Management Passwords Encryption VPN

Ensuring Security and Compliance for Global Healthcare

Security Boulevard

APRIL 9, 2021

Remote work technologies are playing an important role to enable a healthcare telework community, and threat actors continue to target VPN vulnerabilities – a high-risk point. Endpoints can be user devices – user laptops, workstations and devices often used to access networks remotely via VPN. Webinar: Ransomware: Cyber Defense Demo.

Healthcare

Healthcare Ransomware Risk VPN

MSPs: Becoming the Trusted Cyber Insurance Advisor

Duo's Security Blog

FEBRUARY 4, 2025

Authentication is key and a core requirement Considered by insurers as one of the most important security controls, multi-factor authentication (MFA) protects against stolen credentials by using two or more factors to identify the user (beyond the traditional username and password).

Cyber Insurance

Cyber Insurance Insurance Authentication Risk

Water utility CISO offers tips to stay secure as IT and OT converge

SC Magazine

APRIL 26, 2021

From an economics point of view, solutions that can be simultaneously implemented across both IT and OT environments – such as secure-access platforms with two-factor or multi-factor authentication – is a good place for a utility to start, she added, speaking in an online webinar organized by Cisco Systems.

CISO

CISO IoT VPN InfoSec

Cybersecurity Snapshot: Study Raises Open Source Security Red Flags, as Cyber Agencies Offer Prevention Tips Against Telecom Spying Attacks

Security Boulevard

DECEMBER 6, 2024

Thats according to Corvus Insurances Q3 2024 Cyber Threat Report , which said many of the ransomware attacks in Q3 leveraged outdated VPN software and poorly protected VPN gateways.

Cybersecurity

Cybersecurity VPN Ransomware Software

Top Trending CVEs of February 2024

NopSec

FEBRUARY 28, 2024

The attack chain is pretty interesting, but does require authenticated access. As it turned out all of the needed information was accessible to any authenticated user via a request to the “/ghost/api/admin/users/?include=roles” Ivanti SSL VPN CVE-2024-21888 and CVE-2024-21893 Ivanti has had a rough couple of months.

Authentication

Authentication Accountability Passwords Risk

Top Trending CVEs of April 2024

NopSec

MAY 1, 2024

Palo Alto PanOS RCE CVE-2024-3400 It feels like the first quarter of 2024 has been defined by a string of SSL VPN command execution vulnerabilities and Palo Alto has jumped on the wagon. The analysis revealed that the SSL VPN end-point was shipped without disk encryption enabled, which made filesystem access trivial.

Firewall

Firewall VPN Software Authentication

Phishing: What Everyone in Your Organization Needs to Know

NopSec

FEBRUARY 15, 2017

What if the recipient is in a hurry and under a lot of stress – will they be aware of how sophisticated and authentic-looking a well-crafted whaling attack can be? A well-crafted spear phishing attack can be extremely difficult to detect because attackers perform detailed research on their victims to make the email appear authentic.

Phishing

Phishing Social Engineering Engineering Healthcare

Top Trending CVEs of March 2024

NopSec

APRIL 3, 2024

The application behavior varies depending on the authentication status of the attacker. An unauthenticated user can only read the first three (3) lines of a file, however authenticated users can read the entire file system. Fortinet FortiGate SSL VPN RCE CVE-2024-21762 I think SSL VPN RCE may be my favorite combination of acronyms.

VPN

VPN Authentication Architecture Software

Ransomware Prevention, Detection, and Simulation

NetSpi Executives

APRIL 27, 2024

Logins without multi-factor authentication. terminal services, virtual private networks (VPNs), and remote desktops—often use weak passwords and do not require MFA. Enable multi-factor authentication. Watch the Webinar Ransomware simulation In this section, learn about ransomware attack simulation.

Ransomware

Ransomware Cyber Insurance Backups Insurance

Nastiest Malware 2024

Webroot

OCTOBER 31, 2024

Steam the Webinar on demand HERE As we look back on the cybersecurity landscape of 2024, it’s clear that the world of digital threats continues to evolve at an alarming pace in parallel with AI. Enable Multi-Factor Authentication (MFA): Activate MFA on all accounts that offer it, preferably using authenticator apps or hardware keys.

Malware

Malware Ransomware Passwords Healthcare

What’s New in the Federal Zero Trust Strategy?

Duo's Security Blog

JANUARY 28, 2022

Imagine a shift away from logging into a “network” to having security seamlessly built into the network, and multi-factor authentication and authorization continuously performed at the application level on the fly — without users typing passwords. The vision being set forth by OMB is ambitious — but vital.

Authentication

Authentication Government DNS Encryption

Cyber Security Informer

Authentication Alone Is Failing: Introducing Continuous Identity Security

WHEN IS CYBERSECURITY IS WEEK

Webinars

Trending Sources

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Webinars

Australia Stresses Cybersecurity Precautions in Wake of Ukraine Conflict

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Passwords vs. Passkeys: The State of Passkeys on User Endpoints

Intro to Phishing: How Dangerous Is Phishing in 2023?

Keeper vs Dashlane: Which Should You Use in 2024?

Ensuring Security and Compliance for Global Healthcare

MSPs: Becoming the Trusted Cyber Insurance Advisor

Water utility CISO offers tips to stay secure as IT and OT converge

Cybersecurity Snapshot: Study Raises Open Source Security Red Flags, as Cyber Agencies Offer Prevention Tips Against Telecom Spying Attacks

Top Trending CVEs of February 2024

Top Trending CVEs of April 2024

Phishing: What Everyone in Your Organization Needs to Know

Top Trending CVEs of March 2024

Ransomware Prevention, Detection, and Simulation

Nastiest Malware 2024

What’s New in the Federal Zero Trust Strategy?

Stay Connected