Security News

Passwordless technology is gaining traction due to the dizzying number of passwords that the average user accumulates. Passwordless authentication is a way to verify user identities without relying on a manually entered password.

Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which could be exploited by unauthenticated, remote attackers to grab users' valid SAML authentication token."The attacker could then use the token to establish a remote access VPN session with the privileges of the affected user," Cisco says, but notes that "Individual hosts and services behind the VPN headend would still need additional credentials for successful access."

Passwordless authentication is a more secure method of granting access to systems. Passwordless authentication allows users to access a system without the need to provide a password.

A threat actor specializing in establishing initial access to target organizations' computer systems and networks is using booby-trapped email attachments to steal employees' NTLM hashes. "User authentication in Windows is used to prove to a remote system that a user is who they say they are. NTLM does this by proving knowledge of a password during a challenge and response exchange without revealing the password to anyone," Microsoft said in a recent post that announced their goal to deprecate NTLM use in favor of Kerberos - a more modern, extensible and secure authentication protocol.

The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager authentication hashes to perform account hijacks. NTLM hashes are used in Windows for authentication and session security and can be captured for offline password cracking to obtain the plaintext password.

One of the best defenses against credential-stealing phishing attacks is multifactor authentication. MFA introduces several extra security factors in the authentication process, including: something you know, something you have and/or something you are.

AuthLogParser is an open-source tool tailored for digital forensics and incident response, specifically crafted to analyze Linux authentication logs. Log file, extracting crucial details like SSH logins, user creations, event names, IP addresses, among others.

In this Help Net Security video, Bassam Al-Khalidi, co-CEO of Axiad, discusses the results of Axiad's recent State of Authentication Survey. 39% indicated phishing is the most feared cyberattack, while 49% said it is the attack most likely to happen.

Cybersecurity researchers have discovered an updated version of an Android banking malware called Chameleon that has expanded its targeting to include users in the U.K. and Italy. "Representing a...

Cybersecurity researchers have discovered a case of "forced authentication" that could be exploited to leak a Windows user's NT LAN Manager (NTLM) tokens by tricking a victim into opening a...