Security News

99% of compromised Microsoft enterprise accounts lack MFA
2020-03-09 11:15

Cybercriminals compromise 0.5% of all Microsoft enterprise accounts every month because too few customers are using multi-factor authentication, the company has revealed. In a presentation uploaded to YouTube from the recent RSA Security Conference, director of Identity Security Alex Weinert said 1.2 million accounts were compromised in January 2020 alone.

Enable that MF-ing MFA: 1.2 million Azure Active Directory accounts compromised every month, reckons Microsoft
2020-03-05 11:30

Microsoft reckons 0.5 per cent of Azure Active Directory accounts as used by Office 365 are compromised every month. "About a half of a per cent of the enterprise accounts on our system will be compromised every month, which is a really high number. If you have an organisation of 10,000 users, 50 will be compromised each month," said Weinert.

Making Sure You're PCI DSS 3.2 Compliant? MFA to the Rescue
2020-01-28 19:03

Today, I want to take a closer look at the PCI DSS 3.2 standard, starting with Requirement 8 and gradually making our way to Requirement 8.3.2. The standard specifically uses CDE, or the cardholder data environment, instead of "Sensitive data," but the concept is the same - make sure the person requesting access is truly who they claim to be.

HIPAA Standard 164.312(d): MFA to the Rescue
2019-12-26 15:04

How Common is it for Individuals to Remember PINs or Passwords Set by Entities Holding the Information They're Requesting?Humans have enough things to remember as it is and remembering yet another...

Week in review: MFA effectiveness, SMBs and Win7 security, the quantum computing threat
2019-10-06 14:00

Here’s an overview of some of last week’s most interesting news, interviews and articles: Unpatched Android flaw exploited by attackers, impacts Pixel, Samsung, Xiaomi devices A privilege...

Microsoft: Any form of MFA takes users out of reach of most attacks
2019-10-04 14:37

The apparent ease with which SIM hijacking attacks are being perpetrated to get the targets’ second authentication factor for crucial accounts (online banking, cryptocurrency exchange, online...

Duo Security now offering enhanced MFA support for AWS
2019-06-27 00:00

Cisco’s Duo Security, the leading multi-factor authentication (MFA) and Zero Trust for the Workforce provider, announced enhanced MFA support for Amazon Web Services (AWS). AWS customers can add...

TypingDNA releases MFA solution based on typing biometrics
2019-06-21 01:03

TypingDNA announced an innovative MFA solution that combines proprietary typing biometrics technology, SMS OTP or Email OTP. TypingDNA is a leading behavioral biometrics company that protects...

What will phishers do once push-based MFA becomes widely used?
2019-05-06 09:50

As phishing continues to be the number one method for initiating a breach, investing in anti-phishing technologies or training – preferably both – should be a no-brainer for most companies. As...

Week in review: Norsk Hydro cyber attack, Android privacy, exploiting IMAP to bypass MFA
2019-03-24 18:00

Here’s an overview of some of last week’s most interesting news and articles: Norsk Hydro cyber attack: What happened? “Hydro subject to cyber-attack,” warned Oslo-headquartered Norsk Hydro ASA,...