Security News

Admins of MFA bypass service plead guilty to fraud
2024-09-02 17:46

Three men have pleaded guilty to running OTP.Agency, an online platform that provided social engineering help to obtain one-time passcodes from customers of various banks and services in the U.K. [...]

Admins of MFA bypass service plead guilty to fraud
2024-09-02 17:46

Three men have pleaded guilty to running OTP.Agency, an online platform that provided social engineering help to obtain one-time passcodes from customers of various banks and services in the U.K. [...]

How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back
2024-08-29 11:26

Attackers are increasingly using new phishing toolkits (open-source, commercial, and criminal) to execute adversary-in-the-middle (AitM) attacks. AitM enables attackers to not just harvest...

Mandatory MFA for Azure sign-ins is coming
2024-08-19 09:23

Microsoft is making multi-factor authentication - "One of the most effective security measures available" - mandatory for all Azure sign-ins. October 2024: MFA will be required to sign-in to Azure portal, Microsoft Entra admin center, and Intune admin center Early 2025: MFA required for signing in for Azure Command Line Interface, Azure PowerShell, Azure mobile app and Infrastructure as Code tools.

Microsoft: Enable MFA or lose access to admin portals in October
2024-08-16 19:06

Microsoft warned Entra global admins on Thursday to enable multi-factor authentication (MFA) for their tenants until October 15 to ensure users don't lose access to admin portals. [...]

Snowflake lets admins make MFA mandatory across all user accounts
2024-07-10 16:45

A month after incident response giant Mandiant suggested the litany of data thefts linked to Snowflake account intrusions had the common component of lacking multi-factor authentication controls, the cloud storage and data analytics company is offering a mandatory MFA option to admins. The general availability of Snowflake Trust Center was also announced concurrently - a framework for customers to monitor compliance with the MFA policies Snowflake hopes will be applied more broadly.

Hackers abused API to verify millions of Authy MFA phone numbers
2024-07-03 16:43

Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks. In late June, a threat actor named ShinyHunters leaked a CSV text file containing what they claim are 33 million phone numbers registered with the Authy service.

How MFA Failures are Fueling a 500% Surge in Ransomware Losses
2024-07-02 11:00

The cybersecurity threat landscape has witnessed a dramatic and alarming rise in the average ransomware payment, an increase exceeding 500%. Sophos, a global leader in cybersecurity, revealed in...

Scathing report on Medibank cyberattack highlights unenforced MFA
2024-06-18 17:25

A scathing report by Australia's Information Commissioner details how misconfigurations and missed alerts allowed a hacker to breach Medibank and steal data from over 9 million people. In October 2022, Australian health insurance provider Medibank disclosed that it had suffered a cyberattack that disrupted the company's operations.

Medibank breach: Security failures revealed (lack of MFA among them)
2024-06-18 14:22

The 2022 Medibank data breach / extortion attack perpetrated by the REvil ransomware group started by the attackers leveraging login credentials stolen from a private computer of an employee of a Medibank's IT contractor. According to a statement by the Australian Information Commissioner filed with the Federal Court of Australia, the credentials were stolen by way of infostealer malware, after that employee "Saved his Medibank username and password for a number of Medibank accounts to his personal internet browser profile on the work computer he used to provide IT services to Medibank", and then signed into his internet browser profile on his personal computer.