Security News

Toward the end of the second incident that Volexity worked involving Dark Halo, the actor was observed accessing the e-mail account of a user via OWA. This was unexpected for a few reasons, not least of which was the targeted mailbox was protected by MFA. Logs from the Exchange server showed that the attacker provided username and password authentication like normal but were not challenged for a second factor through Duo. The logs from the Duo authentication server further showed that no attempts had been made to log into the account in question.

Tom Merritt lists five reasons why SMS should not be used for MFA. Multi-factor authentication, or as we used to call it two-factor authentication, is essential-it means you don't rely on your password alone for security. SMS is the most frequently used additional factor because almost everybody has it, and it's a little easier to manage for developers-but it's also the least secure.

Using SMS as an additional means to authenticate your password is better than nothing, but it's not the most reliable. Tom Merritt lists five reasons why SMS should not be used for MFA.

SS8 Networks has been awarded two multi-million dollar Lawful Intelligence contracts using its Intellego XT and Xcipio family of products. SS8 was awarded these contracts due to their continued effort of providing leading edge and cost-effective solutions.

Businesses around the globe are facing challenges as they try to protect data stored in complex hybrid multi-cloud environments, from the growing threat of ransomware, according to a Veritas Technologies survey. Typically, if businesses fall foul to ransomware and are not able to restore their data from a backup copy of their files, they may look to pay the hackers responsible for the attack to return their information.

Multi-factor authentication, for those who haven't been paying attention, involves adding one or more additional access requirements to password-based authentication. At the same time, he argues people should avoid relying on SMS messages or voice calls to handle one-time passcodes because phone-based protocols are fundamentally insecure.

Ermetic announced a platform that provides full stack visibility and control over multi-cloud infrastructure entitlements. To help security and cloud operations teams reduce their attack surface, Ermetic combines a holistic view of both network access and IAM policy entitlements to comprehensively assess risks.

The purpose of threat intelligence is to collect data from a variety of sources outside of the organization's perimeters and generate intelligence on what is happening "Out there", enriching the organization's security operations. Threat intelligence provides visibility that extends beyond the organization's perimeters - and this visibility is based on the vendor's coverage on intelligence sources.

BetterCloud announced the launch of BetterCloud Discover. The new centralized platform gives enterprises insights into employee SaaS adoption, and visibility into the full scope of sanctioned and unsanctioned applications within their company's multi-SaaS environment.

A Russian goes on trial in Paris Monday accused of having defrauded nearly 200 victims across the world of 135 million euros using ransomware. In France, many of the victims were local councils, law or insurance firms and small local businesses such as driving schools or pharmacies.