Tag: mfa

Clorox sues Cognizant for $380M over alleged helpdesk failures in cyberattack

Jul 23, 2025 9:12 PM

Tags: access, attack, breach, business, control, credentials, cyber, cyberattack, cybercrime, cybersecurity, data-breach, deep-fake, group, mfa, password, resilience, service, social-engineering, tactics, threat, tool, training

Attack attributed to social engineering specialists: The cyberattack in 2023 was attributed to Scattered Spider, a cybercriminal group known for sophisticated social engineering campaigns targeting IT helpdesks. However, in this case, the attackers succeeded through remarkably basic tactics rather than advanced technical methods.”Scattered Spider’s success with a plain ‘please reset my password’ call confirms that…
Prettier-ESLint npm packages hijacked in a sophisticated supply chain attack

Jul 22, 2025 2:40 PM

Tags: attack, authentication, credentials, detection, github, malicious, mfa, phishing, rce, remote-code-execution, supply-chain, update

Automated GitHub alarms triggered a quick response: Detection was swift once the updates bypassed GitHub’s usual commit-based alerts and raised red flags in registry logs. The maintainer revoked the compromised token, deprecated the malicious releases, and collaborated with npm to remove them.Socket noted that the attack is a textbook example of “multi-stage supply chain compromise,”…
PoisonSeed überlistet FIDO-Schlüssel

Jul 22, 2025 1:40 PM

Tags: authentication, ceo, crypto, cyberattack, encryption, fido, mfa, okta, password, phishing, qr, social-engineering, vulnerability

Cyberkriminelle nutzen die geräteübergreifende Anmeldeoption von FIDO aus, um eine von ihnen kontrollierte authentifizierte Sitzung zu erstellen.FIDO-Schlüssel verwenden eine hardwarebasierte Multi-Faktor-Authentifizierung, um Schwachstellen anderer MFA-Methoden zu beheben. Der berüchtigten Krypto-Hackergruppe PoisonSeed ist es jedoch offenbar gelungen, diese zusätzliche Sicherung zu umgehen. Forscher von Expel sind auf eine Angriffskampagne der Gruppe gestoßen, bei der FIDO mit…
The MFA Illusion: Rethinking Identity for Non-Human Agents

Jul 22, 2025 12:40 AM

Tags: ai, authentication, control, credentials, identity, mfa

As Agentic AI Takes Over Workflows, Traditional Authentication Practices Fall Short. The explosion of agentic AI and autonomous bots to orchestrate cross-system tasks is turning MFA into a brittle defense. Non-human identities often bypass human-centric security controls, operating with static credentials and undefined ownership, creating exploitable identity risks. First seen on govinfosecurity.com Jump to article:…
Veeam Recovery Orchestrator users locked out after MFA rollout

Jul 21, 2025 5:40 PM

Tags: authentication, login, mfa, veeam

Veeam warned customers today that a recently released Recovery Orchestrator version blocks Web UI logins after enabling multi-factor authentication (MFA). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/technology/veeam-recovery-orchestrator-users-locked-out-after-mfa-rollout/
PoisonSeed Attack Tricks Users into Scanning Malicious MFA QR Codes

Jul 21, 2025 8:40 AM

Tags: attack, authentication, cyber, exploit, fido, group, Hardware, malicious, mfa, qr, threat

A sophisticated new cyber attack technique has emerged that exploits the cross-device sign-in features of FIDO keys, effectively bypassing one of the most secure forms of multifactor authentication (MFA) available today. Security researchers have identified this adversary-in-the-middle (AitM) attack, attributed to the PoisonSeed threat group, which demonstrates how attackers can circumvent hardware-based authentication protections through…
Threat actors downgrade FIDO2 MFA auth in PoisonSeed phishing attack

Jul 19, 2025 8:40 PM

Tags: attack, authentication, login, mfa, phishing, threat

A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/threat-actors-downgrade-fido2-mfa-auth-in-poisonseed-phishing-attack/
Hackers Exploit FIDO MFA With Novel Phishing Technique

Jul 19, 2025 6:40 PM

Tags: authentication, crypto, cybercrime, exploit, fido, group, hacker, login, mfa, phishing, qr, theft, threat

PoisonSeed Threat Actor Uses Cross-Device Login Feature and QR Code to Trick Users. Expel researchers have found a novel adversary-in-the-middle phishing technique used by PoisonSeed, a cybercrime group previously tied to large-scale cryptocurrency thefts, to sidestep one of the most secure forms of multifactor authentication – FIDO2 physical keys. First seen on govinfosecurity.com Jump to…
Phishers have found a way to downgrade”, not bypass”, FIDO MFA

Jul 18, 2025 9:40 PM

Tags: fido, mfa, phishing

Contrary to recent reports, phishing sleight-of-hand doesn’t defeat FIDO. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/07/no-phishers-are-not-bypassing-fido-mfa-at-least-not-yet-heres-why/
7 obsolete security practices that should be terminated immediately

Jul 16, 2025 9:40 AM

Tags: access, advisory, antivirus, api, attack, authentication, awareness, breach, business, cloud, compliance, control, cybersecurity, data, defense, detection, edr, endpoint, exploit, google, grc, identity, infrastructure, iot, linkedin, mfa, microsoft, mobile, monitoring, network, office, password, phishing, phone, ransomware, risk, service, siem, social-engineering, strategy, tactics, technology, threat, tool, training, unauthorized, update, vpn, vulnerability, zero-trust

2. Taking a compliance-driven approach to security: Too many teams let compliance drive their security programs, focusing more on checking boxes than solving actual cybersecurity challenges, says George Gerchow, CSO at data security services firm Bedrock Security. He notes that many enterprises drive to meet compliance standards, yet still suffer serious breaches. The reason? They…
So endet die Dienstreise nicht in Gewahrsam

Jul 16, 2025 6:40 AM

Tags: business, china, iran, mfa, password, risk, social-engineering, startup, ukraine, usa, vpn

Geschäftsreisen ins Ausland sind je nach Zieldestination zunehmend risikobehaftet.Angesichts des aktuellen weltpolitischen Klimas sind Dienst- und Geschäftsreisen keine routinemäßige, betriebliche Notwendigkeit mehr, sondern zunehmend ein strategisches Risiko. Dabei spielt es auch keine Rolle, ob es sich um ein Großunternehmen handelt, das auf sämtlichen Kontinenten tätig ist oder ein Startup, das einen seiner Spezialisten auf Messebesuch…
The 10 most common IT security mistakes

Jul 14, 2025 5:40 PM

Tags: access, attack, backup, best-practice, bsi, business, control, cyber, cyberattack, cybercrime, data, detection, group, incident response, infrastructure, Internet, login, mfa, microsoft, monitoring, network, office, password, ransomware, risk, security-incident, service, skills, strategy, technology, threat, tool, vpn

2. Gateway: Weak passwords: The problem: Weak passwords repeatedly make it easier for cybercriminals to gain access to a company network. A domain administrator password with six characters or a local administrator password with only two characters is no obstacle for perpetrators. It is more than clear that this issue is often neglected in practice,…
8 tough trade-offs every CISO must navigate

Jul 14, 2025 11:40 AM

Tags: access, ai, attack, business, ciso, cloud, compliance, computer, cyber, cybersecurity, ddos, defense, detection, framework, group, healthcare, incident response, jobs, malicious, mfa, regulation, resilience, risk, service, technology, threat, tool, vulnerability

2. Weighing security investments when the budget forces choices: Closely related to the trade-off around risk is what CISOs must navigate when it comes to security investments.”For most CISOs, when they have to make tough choices, 99% of the time it’s due to budget constraints that force them to weight risks versus rewards,” says John…
Zero Networks sieht Trend zu OT-Segmentierung

Jul 11, 2025 10:40 AM

Tags: hacker, mfa, network, vulnerability

Administratorprotokolle wie RDP, SSH, RPC, WMI und SMB gehören zu den beliebtesten Angriffsmethoden von Hackern. Um sicherzustellen, dass keine versteckten Schwachstellen für Hacker übrigbleiben, bietet die Just-in-Time-MFA auf Netzwerkebene eine zusätzliche Sicherheitsebene, First seen on infopoint-security.de Jump to article: www.infopoint-security.de/zero-networks-sieht-trend-zu-ot-segmentierung/a41365/
Anatomy of a Scattered Spider attack: A growing ransomware threat evolves

Jul 11, 2025 9:40 AM

Tags: access, attack, authentication, business, cloud, control, data, detection, endpoint, exploit, finance, firewall, group, iam, identity, incident response, infrastructure, mfa, microsoft, monitoring, ransomware, social-engineering, tactics, technology, threat, tool, vulnerability

Ensuing battle over IT resources: Despite the stealth of the attack incident response defenders at the compromised company detected the attack and began to fight back, setting up a tug-of-war to establish control over the organization’s IT resources. In response, Scattered Spider abandoned attempts at covert infiltration and began an aggressive attempt to disrupt business…
FBI’s CJIS demystified: Best practices for passwords, MFA & access control

Jul 10, 2025 4:40 PM

Tags: access, best-practice, compliance, control, law, mfa, password, service, software, windows

FBI’s Criminal Justice Information Services (CJIS) compliance isn’t optional when handling law enforcement data. From MFA to password hygiene, see how Specops Software helps meet FBI standards while also securing your Windows Active Directory. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbis-cjis-demystified-best-practices-for-passwords-mfa-and-access-control/
FBI’s CJIS demystified: Best practices for passwords, MFA & access control

Jul 10, 2025 4:40 PM

Tags: access, best-practice, compliance, control, law, mfa, password, service, software, windows

FBI’s Criminal Justice Information Services (CJIS) compliance isn’t optional when handling law enforcement data. From MFA to password hygiene, see how Specops Software helps meet FBI standards while also securing your Windows Active Directory. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbis-cjis-demystified-best-practices-for-passwords-mfa-and-access-control/
Why your security team feels stuck

Jul 9, 2025 6:39 PM

Tags: cybersecurity, login, mfa, password

Cybersecurity friction usually gets framed as a user problem: password policies that frustrate employees, MFA that slows down logins, or blocked apps that send workers into … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/09/why-cybersecurity-friction/
The MFA You Trust Is Lying to You and Here’s How Attackers Exploit It

Jul 9, 2025 6:39 PM

Tags: exploit, mfa

MFA Authenticator apps aren’t cutting it anymore. Attackers are bypassing legacy MFA with fake sites and real-time phishing. Token Ring and BioStick stop them cold”, with fingerprint-bound hardware. Learn more from Token. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-mfa-you-trust-is-lying-to-you-and-heres-how-attackers-exploit-it/
Phishing-resistente MFA-Verfahren – Das ist die Zukunft der Multifaktor-Authentifizierung

Jul 9, 2025 6:39 PM

Tags: authentication, mfa, phishing

First seen on security-insider.de Jump to article: www.security-insider.de/sicherheitwebauthn-multifaktor-authentifizierung-phishing-schutz-a-440566987fe3bb801a421434e4dba52d/
Overcoming Technical Barriers in Desktop and Application Virtualization

Jul 8, 2025 4:34 PM

Tags: data-breach, firewall, mfa, zero-trust

Exposed RDP ports are an open door for attackers. TruGrid SecureRDP enforces Zero Trust and MFA, blocks lateral movement, and secures remote access”, no open firewall ports required. Learn more and get a free trial. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/overcoming-technical-barriers-in-desktop-and-application-virtualization/
PoC Exploits Released for CitrixBleed2: 127 Bytes Exfiltrated Per Request

Jul 8, 2025 4:34 PM

Tags: citrix, cve, cvss, cyber, data, exploit, flaw, mfa, vulnerability

Security researchers have released proof-of-concept exploits forCVE-2025-5777, a critical vulnerability in Citrix NetScaler ADC and Gateway devices dubbed >>CitrixBleed2.
Infostealers-as-a-Service Push Identity Hacks to Record Highs

Jul 8, 2025 2:34 PM

Tags: access, business, credentials, cyberattack, finance, identity, mfa, phishing, service, soar

Identity-based cyberattacks soar 156%, driven by cheap Phishing-as-a-Service infostealer malware. Learn how criminals bypass MFA to steal credentials, access bank accounts, and compromise business emails. First seen on hackread.com Jump to article: hackread.com/infostealers-as-a-service-identity-hacks-record-highs/
Qwizzserial Android Malware Masquerades as Legit Apps to Steal Banking Data and Intercept 2FA SMS

Jul 7, 2025 1:34 PM

Tags: 2fa, android, authentication, banking, cyber, data, finance, group, malware, mfa, risk, threat

A new and alarming Android malware family, dubbed Qwizzserial, has emerged as a significant threat, particularly targeting users in Uzbekistan. Discovered by Group-IB in March 2024, this SMS stealer is designed to intercept two-factor authentication (2FA) codes and steal sensitive banking information, posing a severe risk to personal and financial security. Disguised as legitimate applications…
Securing the next wave of workload identities in the cloud

Jul 2, 2025 2:35 PM

Tags: access, api, breach, cloud, computing, control, credentials, data-breach, identity, infrastructure, iot, jobs, kubernetes, mfa, password, risk, service, tool, vulnerability, zero-trust

Extending zero trust to workloads: Applying zero trust beyond just passwords is crucial. On the human side, MFA and conditional access are standard. For workloads, we implemented a similar approach using tokens, certificates and continuous checks. When one service calls another, it presents a cryptographic token or certificate, and the target service verifies it each…
Scattered Spider shifts focus to airlines as strikes hit Hawaiian, WestJet, and now Qantas

Jul 2, 2025 1:34 PM

Tags: attack, authentication, breach, business, cisa, ciso, corporate, credentials, cybersecurity, data, data-breach, government, group, hacker, identity, india, mfa, microsoft, network, password, phone, ransom, ransomware, social-engineering, supply-chain, tactics, unauthorized, vulnerability

Sophisticated help desk deception campaigns: The group has perfected calling corporate help desks and impersonating employees to trick support staff into resetting passwords and adding unauthorized devices to multi-factor authentication systems.Cybercrime syndicates like Scattered Spider operate as compartmentalized organizations, with distinct teams specializing in different attack phases, said Sunil Varkey, advisor at Beagle Security. “One…
Why every company needs a travel security program

Jul 2, 2025 11:34 AM

Tags: access, advisory, awareness, business, china, conference, corporate, credentials, cyber, encryption, government, Hardware, infrastructure, intelligence, international, iran, mfa, middle-east, network, password, resilience, risk, risk-assessment, russia, service, social-engineering, strategy, threat, ukraine, vpn

Geopolitical flashpoints are multiplying: The war in Ukraine continues to destabilize Europe’s eastern edge. In the Middle East, recent US airstrikes on Iranian nuclear facilities have escalated tensions involving Iran, Israel, and the United States, triggering a worldwide caution advisory and rerouting international air traffic. Demonstrations targeting Western business interests are growing in scale and…
Ghost in the Machine: A Spy’s Digital Lifeline

Jul 1, 2025 5:34 PM

Tags: access, ai, attack, authentication, best-practice, cloud, communications, control, country, crypto, cyber, data, encryption, endpoint, framework, government, Hardware, identity, infrastructure, intelligence, jobs, law, linux, mfa, military, network, resilience, risk, software, spy, strategy, technology, threat, tool, vpn, windows, zero-trust
Microsoft Removes Password Management from Authenticator App Starting August 2025

Jul 1, 2025 7:34 AM

Tags: authentication, mfa, microsoft, password

Microsoft has said that it’s ending support for passwords in its Authenticator app starting August 1, 2025.The changes, the company said, are part of its efforts to streamline autofill in the two-factor authentication (2FA) app.”Starting July 2025, the autofill feature in Authenticator will stop working, and from August 2025, passwords will no longer be accessible…
More Support for Complex Authentication Flows: TOTP MFA and Text-Based CAPTCHA

Jun 30, 2025 6:33 PM

Tags: authentication, captcha, mfa

Escape’s new support for TOTP MFA and text-based CAPTCHA enables fully automated DAST on protected apps, reducing scan failures First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/more-support-for-complex-authentication-flows-totp-mfa-and-text-based-captcha/