Skip to main content

The WiKID Blog

Viewing posts tagged Authentication Attacks

Latest release pushes into Privileged Access Management

The 4.1 release of the WiKID Strong Authentication Server - Enterprise Edition includes the ability to use one-time passcodes for Active Directory accounts. We noted an increasing focus on privileged accounts.  Companies need these accounts to manage windows PCs and infrastructure.  Multiple  system admins need to have the credentials for them too.  So, organizations often have shared spreadsheets with credentials.  You can put them into a "password vault" but then there is still a password to the vault and an attacker that is already on the system can still perform a 'pass-the-hash' attack to escalate their privilege. 

Yet another reason to add two-factor authentication to your admin accounts

Seems like we just made the case for requiring two-factor authentication for Cisco Admins due to the SYNFul attack.  Now here's another one.

SYNFUL attack shows the need for 2FA on routers

Cisco has confirmed that the SYNFUL attacks discovered byFireEye are not the result of a vulnerability but rather:

Defense at every stage

Another tweet struck me for it's common sense and truth:

The two things that actually work in information security and how to deploy them.

I was struck by this tweet by @chrisrollf:
2FA and VPNs  - 2 things that work

Recent Posts

Archive

2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom