Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders
Summary: The Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS), and Cybersecurity and Infrastructure Security Agency (CISA) assess Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29 (APT 29), the Dukes, CozyBear, and Yttrium—will...
WARNING: Hackers Exploit Unpatched Pulse Secure 0-Day to Breach Organizations
If Pulse Connect Secure gateway is part of your organization network, you need to be aware of a newly discovered critical zero-day authentication bypass vulnerability (CVE-2021-22893) that is currently being exploited in the wild and for which there is no patch available yet. At least two threat...
NIST and HIPAA: Is There a Password Connection?
When dealing with user data, it's essential that we design our password policies around compliance. These policies are defined both internally and externally. While companies uphold their own password standards, outside forces like HIPAA and NIST have a heavy influence. Impacts are defined by...
11 Useful Security Tips for Securing Your AWS Environment
Want to take advantage of excellent cloud services? Amazon Web Services may be the perfect solution, but don't forget about AWS security. Whether you want to use AWS for a few things or everything, you need to protect access to it. Then you can make sure your business can run smoothly. Read on to...
Protect your business from email phishing with multi-factor authentication
Cybersecurity has been in the news far more often in the past 12 months than in previous years, as cybercriminals escalated their activity during the COVID-19 pandemic quarantine. The seismic shift of hundreds of millions of people connecting and working from home every day presented cybercrimina...
How to enable Facebook’s hardware key authentication for iOS and Android
Since 2017 desktop users have had the opportunity to use physical security keys to log in to their Facebook accounts. Now iOS and Android users have the same option too. Physical security keys are a more secure option for two-factor authentication (2FA) than SMS which is vulnerable to SIM swap...
Finding the Cracks in the Wall - How Modern Scams Bypass MFA
In my previous blog, I discussed the important role multi-factor authentication (MFA) plays in further securing access to enterprise and consumer services. We also established the fact that although MFA increases authentication security and decreases the risk of account takeover, MFA can, and is,...
Phish-Proof Multi-Factor Authentication with Akamai MFA
Today, Akamai announced Akamai MFA, a phish-proof multi-factor authentication (MFA) service for the workforce that delivers all of the security benefits of FIDO2 with the frictionless end-user experience of a mobile push on a smartphone. Why has Akamai introduced this new service? When an employee...
FBI warns of increase in PYSA ransomware attacks targeting education
On March 16, the Federal Bureau of Investigation (FBI) issued a "Flash" alert on PYSA ransomware after an uptick on attacks this month against institutions in the education sector, particularly higher ed, K-12, and seminaries. According to the alert (PDF), the United Kingdom and 12 states in the US...
CVE-2021-21329
RATCF is an open-source framework for hosting Cyber-Security Capture the Flag events. In affected versions of RATCF users with multi factor authentication enabled are able to log in without a valid token. This is fixed in commit cebb67b...
Authentication flaw
RATCF is an open-source framework for hosting Cyber-Security Capture the Flag events. In affected versions of RATCF users with multi factor authentication enabled are able to log in without a valid token. This is fixed in commit cebb67b...
CVE-2021-21329 Multi Factor Authentication Token Improperly Validated On User Login
RATCF is an open-source framework for hosting Cyber-Security Capture the Flag events. In affected versions of RATCF users with multi factor authentication enabled are able to log in without a valid token. This is fixed in commit cebb67b...
CVE-2021-21329
CVE-2021-21329 affects the RATCF open-source framework. The vulnerability allows users with MFA enabled to log in without a valid token, indicating an authentication bypass in the login flow. The issue is fixed in commit cebb67b9d16a8296121201805332365ffccb29638. Connected feeds corroborate the M...
RATCF Authorization Issue Vulnerability
RATCF is an open source framework for hosting Cyber-Security Capture the Flag events. RATCF suffers from an authorization issue vulnerability that originates from the fact that a user with multi-factor authentication enabled can log in without a valid token...
Microsoft Lures Populate Half of Credential-Swiping Phishing Emails
Almost half of phishing attacks in 2020 aimed to swipe credentials using Microsoft-related lures – from the Office 365 enterprise service lineup to its Teams collaboration platform. According to a Tuesday report by Cofense, which analyzed millions of emails related to various attacks, 57 percent...
Hackers Exploiting Critical Zero-Day Bug in SonicWall SMA 100 Devices
SonicWall on Monday warned of active exploitation attempts against a zero-day vulnerability in its Secure Mobile Access (SMA) 100 series devices. The flaw, which affects both physical and virtual SMA 100 10.x devices (SMA 200, SMA 210, SMA 400, SMA 410, SMA 500v), came to light after the NCC Group on...