Security News

While brute-forcing and password spraying techniques are the most common way to mount account takeovers, more methodical cybercriminals are able to gain access to accounts even with more secure MFA protocols in place. According to Abnormal Security, cybercriminals are zeroing in on email clients that don't support modern authentication, such as mobile email clients; and legacy email protocols, including IMAP, SMTP, MAPI and POP. Thus, even if MFA is enabled on the corporate email account, an employee checking email via mobile won't be subject to that protection.

These tools can help people complete their jobs but are fraught with security challenges. Frost & Sullivan examined how threats and attacks exist around employees' external systems and devices, and found that multi-factor authentication can be easily leveraged by IT departments.

People who don't take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. Dennis soon learned the unauthorized Gmail address added to his son's hacked Xbox account also had enabled MFA. Meaning, his son would be unable to reset the account's password without approval from the person in control of the Gmail account.

Over half of security leaders still rely on spreadsheetsSenior security leaders within financial services companies are being challenged with a lack of trusted data to make effective security decisions and reduce their risk from cyber incidents, according to Panaseer. Security threats associated with shadow ITAs cyber threats and remote working challenges linked to COVID-19 continue to rise, IT teams are increasingly pressured to keep organizations' security posture intact.

Phishers are trying to bypass the multi-factor authentication protection on users' Office 365 accounts by tricking them into granting permissions to a rogue application. How? The aforementioned authorization code is exchanged for an access token that is presented by the rogue application to Microsoft Graph, which will authorize its access.

A new phishing campaign can bypass multi-factor authentication on Office 365 to access victims' data stored on the cloud and use it to extort a Bitcoin ransom or even find new victims to target, security researchers have found. The attack is different than a typical credential harvester in that it attempts to trick users into granting permissions to the application, which can bypass MFA, he said.

About a third of firms and organisations in Europe and the Middle East still believe the humble password is a good enough security measure, according to a survey carried out by French firm Thales. Thales, which bought secure mobile phone SIM card biz Gemalto in 2017, reckoned that over half of IT pros it polled said that unsecured infrastructure was the most likely attack surface.

Cybercriminals compromise 0.5% of all Microsoft enterprise accounts every month because too few customers are using multi-factor authentication, the company has revealed. In a presentation uploaded to YouTube from the recent RSA Security Conference, director of Identity Security Alex Weinert said 1.2 million accounts were compromised in January 2020 alone.

Microsoft reckons 0.5 per cent of Azure Active Directory accounts as used by Office 365 are compromised every month. "About a half of a per cent of the enterprise accounts on our system will be compromised every month, which is a really high number. If you have an organisation of 10,000 users, 50 will be compromised each month," said Weinert.

Today, I want to take a closer look at the PCI DSS 3.2 standard, starting with Requirement 8 and gradually making our way to Requirement 8.3.2. The standard specifically uses CDE, or the cardholder data environment, instead of "Sensitive data," but the concept is the same - make sure the person requesting access is truly who they claim to be.