Tag: Breach

Microsoft Reveals Russian Hack: Executives’ Emails Compromised

Posted on by Srishti Chaubey

Introduction

In a recent disclosure, Microsoft unveils the details of a sophisticated cyber breach by Russian state-sponsored hackers. The breach, detected on January 12, sheds light on the tactics of the notorious hacking group, Midnight Blizzard, also known as APT29 or Cozy Bear.

Breach Overview: Understanding the Intrusion

In November 2023, Midnight Blizzard initiated a password spray attack. They compromised a legacy non-production test tenant account, gaining access to limited Microsoft email accounts.

Compromised Accounts: Impact on Corporate Email Security

The aftermath reveals that a select group fell victim, including members of Microsoft’s senior leadership team and employees in crucial functions such as cybersecurity and legal. The attackers exfiltrated emails and attached documents, putting sensitive information at risk.

Attribution and Interest: Identifying the Culprits

Microsoft’s threat research team attributed the breach to APT29, emphasising the group’s specific interest in Microsoft’s knowledge of their operations. This marks Midnight Blizzard’s return after their infamous 2020 cyberattack on SolarWinds.


Highlighting the Key Issue: Addressing Problems with Passwords

The breach underscores the vulnerability posed by traditional password systems. The password spray attack exploited weak passwords, showcasing the critical need for organizations to evolve towards passwordless solutions to enforce security.

Risk Mitigation: Addressing Future Threats

Microsoft, quick to respond, is now advocating for the adoption of passwordless solutions as a preventive measure against such breaches. The urgency to reassess and enhance cybersecurity measures has never been more evident.

Immediate Response: Microsoft’s Swift Action

In response to the breach, Microsoft has promptly applied enhanced security standards to its legacy systems and internal business processes. This immediate action aims to sabotage potential follow-up attacks and protect against further unauthorised access.

Ongoing Investigation: Collaborating with Authorities

The investigation is ongoing, with Microsoft actively collaborating with law enforcement and regulators to comprehensively assess the full impact of the breach. This collaboration is crucial for determining additional preventive measures and addressing the evolving landscape of cyber threats.

Conclusion: Looking Ahead

As companies face ever-changing online risks, the Microsoft hack is a clear signal that using weak passwords can be a big problem. Implementing passwordless solutions stands out as a critical step towards a more secure digital future.

Unveiling Terrapin: A New Threat to SSH Security

Posted on by Srishti Chaubey

SSH (Secure Shell) has long been hailed as a reliable protocol for secure network access, widely used for remote terminal logins and file transfers. However, the fortress of secure online connections now faces a dilemma – the Terrapin attack. In this blog, we delve into the intricacies of Terrapin, its potential impact on existing password-based authentication systems, and how organizations can safeguard against this insidious attack. Ready to plunge into the chaos? Buckle up, and let’s explore!

Understanding Terrapin

Terrapin is not your average security vulnerability; it’s a prefix truncation attack specifically designed to exploit weaknesses in the SSH protocol. By manipulating sequence numbers during the handshake process, an attacker can selectively remove messages from the beginning of the secure channel without detection. Imagine a hacker manipulating the building blocks of your messages, pulling them out one by one without you even batting an eye!

Working of Terrapin the SSH Vulnurability
Image Source: https://terrapin-attack.com/

The Attack in Action

The Terrapin attack is not just theoretical; it has real-world implications. Attackers can downgrade connection security by truncating essential messages, such as the extension negotiation message (RFC8308). This truncation can lead to the use of less secure client authentication algorithms and the deactivation of specific countermeasures in OpenSSH 9.5.

The vulnerability has been assigned following CVEs

  • CVE-2023-48795 (CVSSv3 : 5.9 MEDIUM) – General Protocol Flaw
  • CVE-2023-46445 (CVSSv3 : 5.9 MEDIUM) – Rogue Extension Negotiation Attack in AsyncSSH
  • CVE-2023-46446 (CVSSv3 : 6.8 MEDIUM) – Rogue Session Attack in AsyncSSH

Downsides for Password-Based Authentication

Password-based authentication systems are particularly vulnerable to the Terrapin attack. The attack allows an adversary to compromise the integrity of the secure channel, potentially leading to unauthorized access and exploitation of implementation flaws. Picture this: attackers downgrade your connection security by snipping crucial messages. Your passwords might be waltzing into the wrong hands. This could result in attackers signing victims into other accounts without detection, paving the way for sophisticated phishing attacks. Just beware that Terrapin’s not a party crasher; it’s the DJ changing the beats!

Mitigating the Threat

To perform the Terrapin attack, a Man-in-the-Middle attacker is required, along with a cozy spot in local networks, making it challenging on the open internet. However, within local networks, where MITM attacks are plausible, the threat becomes more significant. Furthermore, the attack focuses on SSH connections that use widely adopted encryption modes like ChaCha20-Poly1305 or CBC with Encrypt-then-MAC.

Vulnerability Scanner

To assist organizations in determining vulnerability, a simple console application is developed in Go. This tool helps identify if an SSH server or client is susceptible to the Terrapin attack based on the offered encryption modes and support for strict key exchange countermeasures.

Conclusion: A Safer Alternative at PureID

With Certificate-based authentication, the risk of MITM is mitigated as certificates are bound with IP addresses. Any man-in-the middle will not be able to replay the client certificate, manipulate the handshake & successfully establish TLS connection.

PureID’s ZITA (Just in Time Access) fully eliminates the risk of Terrapin along with any MITM attack. This approach, unlike outdated password-based systems, stands resilient against Terrapin. As the threat landscape evolves, prioritizing advanced authentication mechanisms becomes paramount for ensuring a secure network environment. Forget passwords; they’re so yesterday! Join the secure squad – it’s the future!

MongoDB Security Incident: Navigating the Aftermath

Posted on by Srishti Chaubey

Breach Chronicles: MongoDB’s Unsettling Security Saga Unfolds

On December 13, 2023, MongoDB, a prominent US-based open-source NoSQL database management system provider, faced a substantial security incident. This breach of MongoDB Atlas, a fully-managed cloud database, unfolded as unauthorised access infiltrated corporate systems, laying bare customer account metadata and contact information. The assailants employed a cunning phishing attack, exploiting support service applications. The consequences were dire – a trove of sensitive data, including customer names, phone numbers, and account details, left exposed in the turbulent aftermath of this cyber storm.

MongoDB Steps Explained

Intrusion Footprints: A List of IPs Disclosed

In a proactive move, MongoDB disclosed a comprehensive list of external IP addresses on their alerts page. These IPs were strategically employed by the unauthorised third party. Organisations are strongly advised to meticulously scrutinise their networks, diligently searching for any ominous signs of suspicious activity intricately linked to these disclosed IPs. If you spot these IPs, you’ve got unwelcome guests. Remember it’s time to act, and act fast.

MongoDB Breach

Phishing & Social Engineering – The Achilles’ Heel of Multi-Factor Authentication

MongoDB issues a resolute counsel to its user base, emphasising the critical need to bolster defences against the looming threats of social engineering and phishing. In response, the company advocates the implementation of multi-factor authentication (MFA), urging users to promptly update their MongoDB Atlas passwords as an additional layer of security.

Phishing attacks or social engineering can bypass and disable all types of MFA solutions, as seen time and again. The security incident under discussion started with phishing attacks. So implementing MFA will have zero security advantage but will only increase the cost, efforts and complexity of authentication.

GoPasswordless – The best protection for MongoDB

Going passwordless with PureAUTH will benefit in 2 broad ways to protect MongoDB or any other enterprise applications –

  1. Secure Authentication – PureAUTH offers passwordless authentication which is secure from phishing & social engineering attacks.
  2. Resilience in case of data breach – If data from the database like MongoDB is leaked due to mis-configurations, 0-day vulnerability or insider attacks etc, the adversary will not find any passwords, MFA seeds, swap-able public keys, or any usable data to carry out unauthorised access elsewhere.

Conclusion

Amidst the gloom, MongoDB presents a silver lining: Passwordless Authentication. It’s a call to transcend traditional password reliance for a more secure future. Fortify your defences with passwordless security. MongoDB users, the future beckons. Embrace the resilience of passwordless authentication, reinforce your security posture with PureID, and navigate the cyber security landscape with renewed strength. Passwords? Pfft, that’s so yesterday. The journey continues—Passwordless Authentication awaits.

Okta Breach Part 2: Unveiling the Full Scope and Impact

Posted on by Srishti Chaubey

Introduction

In late October, Okta, reported a cybersecurity breach that initially appeared to affect less than 1% of its customers. However, recent revelations indicate a far-reaching impact, affecting 99.6% of users in the customer support system. This blog post delves into the broader implications of this

The True Scope Revealed

Contrary to initial estimates downplaying, it has now been disclosed that hackers successfully ran a report on September 28, 2023. It contained sensitive information about all Okta customer support system users. The compromised data had names, email addresses, company names, contact phone numbers, and other details, Impacting 100% of Okta Workforce Identity Cloud (WIC) and Customer Identity Solution (CIS) customers. The only exception being those in highly sensitive environments such as the government.

Okta breach : 100% users affected.
Image Source : https://www.helpnetsecurity.com/2023/11/06/okta-support-compromised-service-account/

Financial Impact on Okta

Despite the significant dip in Okta’s stock prices when the breach was first reported in October, resulting in a temporary loss of approximately $2 billion in market capitalisation, the financial fallout seems to be hovering in the single digits. Okta’s latest quarterly financial report indicates a more than 20% increase in revenues for the quarter ending October 31, demonstrating a robust financial performance despite the security incident.

Customer Trust at Stake

The discrepancy between the initially reported 1% impact and the actual 99.6% of affected users reveals a concerning lapse in transparency. Okta customers are now grappling with the realization that threat actors may have access to their names and email addresses, exposing them to the risk of phishing and social engineering attacks. While Okta assures that there is no direct evidence of exploitation, they urge customers to remain vigilant. This stolen information could be weaponized for targeted cyber scams.

Phishing and Social Engineering Threat

With 99.6% of users having their names and email addresses exposed. These stolen data poses a heightened risk of phishing and social engineering attacks.

Okta Phishing

Cyber security experts emphasise the need for Okta customers, especially administrators, to enforce multi-factor authentication (MFA) and consider the use of phishing-resistant authentication. The potential for threat actors to exploit this information for targeted attacks underscores the importance of proactive security measures on the customer’s end.

Conclusion

In the aftermath of the Okta breach, customer trust in identity management systems faces a critical test. As emphasised by the mantra “The ‘S’ in IAM stands for Security”, the true scale of the incident challenges the reliance on auto-saved passwords, demonstrating the vulnerability of conventional systems. We urgently advocate for the adoption of passwordless authentication. For those catching up, our previous post details the Okta breach, highlighting the imperative to #gopasswordless . This approach not only addresses current vulnerabilities but also aligns with the evolving demands of a secure digital landscape.

Unpacking Okta’s Recent Security Breach

Posted on by Srishti Chaubey

Introduction

In today’s interconnected world, data breaches have become unfortunately common. One recent incident that has drawn the cybersecurity community’s attention involves Okta, a prominent identity and access management (IAM) provider. This blog post delves into the specifics of the Okta breach, its impact, and the lessons we can learn.

The Initial Okta Breach

The story starts with a breach of Okta’s case management system, reported in late October. Threat actors gained unauthorised access to sensitive files of 134 Okta customers, less than 1% of the customer base. Some stolen files were HTTP Archive (HAR) files with session tokens, usable in session hijacking attacks.

Okta Breach
Image Source : https://www.helpnetsecurity.com/2023/11/06/okta-support-compromised-service-account/

Targets: BeyondTrust, Cloudflare, and 1Password

BeyondTrust, Cloudflare, and 1Password confirmed their systems were targeted due to this breach. They emphasised no loss of customer data during these incidents, highlighting their robust security measures.

Okta’s Response and Investigation

David Bradbury, Okta’s Chief Security Officer, revealed the breach’s origin. An employee logged into their personal Google account on an Okta-managed laptop, inadvertently saving service account credentials. The hackers exploited this service account, gaining permissions to view and update support cases. The breach occurred from September 28 to October 17, 2023.

Okta Breach Flow
Image Source: https://www.cyberark.com/resources/blog/piecing-together-the-attack-on-oktas-support-unit

Investigation Challenges

Okta’s security team initially focused on unauthorized access to support cases. Identifying suspicious downloads took 14 days. Unique log event types and IDs complicated the detection process.

On October 13, BeyondTrust provided a suspicious IP address, leading to the identification of the compromised account’s activities.

Implications and Ongoing Concerns

The breach raises numerous cybersecurity concerns. Callie Guenther, Senior Manager of Cyber Threat Research at Critical Start, highlighted the potential for secondary attacks arising from exposed data. Such incidents erode trust in service providers, especially for security-focused companies like Okta.

John Bambenek, Principal Threat Hunter at Netenrich, pointed out that recurring security events raise questions about Okta’s reliability in sensitive roles like identity and authentication.

Conclusion: The Vital Role of Passwordless Authentication

The Okta breach underscores the importance of robust cybersecurity practices. Organisations must remain vigilant, conducting continuous security assessments and proactively implementing measures against evolving threats.

A single compromised password can jeopardize an entire institution. Therefore, we strongly advocate for passwordless authentication. By eliminating passwords, organizations can fortify their defenses, enhancing security and reducing the risk of future incidents. Passwordless authentication is a safer and more effective approach to protecting digital identities in today’s evolving landscape. #gopasswordless

Resolution 2023 | Making World Password Free

Slack’s GitHub Exposed – Another MFA Failure

Posted on by Srishti Chaubey

Slack reported suspicious activity on January 9th, 2023 regarding a breach in it’s remotely stored GitHub account. Upon investigation, it was found that tokens of a few Slack employees were stolen, and used to gain access to remote git repositories. The threat actors also downloaded code from private repository. Slack also stated that the threat resulted from a third party vendor, and also assured its users that no customer data is at risk.

Previous Incidents

In March 2015, Slack shared that it had been hacked for over four days in Feb 2015. Additionally, In January 2021, it had a outage for several hours. In a previous blog , we have discussed a past security bug on Slack at December 2022 where passwords were stored in their Android apps in plain text.

Reason and Impact

The attackers were able to gain access due to a security flaw in Slack’s authentication system using Brute Force. Once they had access, they were able to steal the secret seeds (used to generate pseudo random tokens) associated with that organisation’s account and gain access to the private code repositories stored on GitHub. The fact that a brute force attack was successful indicates a security lapse from Slack.

The company claims that the threat actors did not get access to production environment, customer data or Slack resources. Additionally, Slack rotated the concerning tokens with the third vendors, and deployed additional security on their externally hosted GitHub.

About MFA Tokens

In their update what Slack is mentioning as token are MFA seeds or secret keys. These seeds or keys are shared secret between the (Slack’s) server and user’s MFA application. These seeds are used in generation of tokens which are then used to authenticate user in conjunction with passwords.

image credit – Twilio

Twilio has provided here a detailed explanation on how the MFA works with secret keys. Unfortunately Twilio’s Authy was breached and customer’s TOTP secret keys were leaked in the recent past.

Mitigation

Authentication system depending on abusable data like Passwords, Biometrics, or TOTP/HOTP Tokens, of public-keys are insecure by design. Adopting authentication solution which makes use of zero-knowledge factors are resilient to data leakage in case of breach.

PureID‘s Passwordless Authentication platform – PureAUTH eliminates the risk in case of total breach of the authentication parameters it uses to verify users.

Check out, how PureAUTH makes Slack Passwordless and secure from credential based attacks.

Connect with us to know how PureAUTH platform can help your enterprise be more secure and resilient.

Atlassian Pawned by hacker group : Blame Game is on

Posted on by Srishti Chaubey

SiegedSec, the same hacking group that made headlines last year after leaking eight gigabytes of data from the state governments of Kentucky and Arkansas, has hacked the software company Atlassian. The group has shared two floor maps for the Sydney and San Francisco offices and a JSON file containing information about approximately 13,200 Atlassian employees, including their names, email addresses, work departments and phone numbers.

Atlassian Pawned by hacker group Siegedsec. The post by Siegedsec.

SiegedSec post

“THAT’S RIGHT FOLKS, SiegedSec is here to announce we have hacked the software company Atlassian,” the hacking group said in a message that was posted along with the data. “This company worth $44 billion has been pwned by the furry hackers uwu.”

Reason and responsibility:- 

“On February 15, 2023, we became aware that an unauthorised party had compromised and published data from Envoy, a third-party app that Atlassian uses to coordinate in-office resources,” said Atlassian spokesperson Megan Sutton.

Atlassian Pawned by SiegedSec

Envoy, however, was just as quick to rebuff Atlassian’s claims. Envoy spokesperson April Marks said that the startup is “not aware of any compromise to our systems,” adding that initial research had shown that “A hacker gained access to an Atlassian employee’s valid credentials to manipulate and access the Atlassian employee directory and office floor plans held within Envoy’s app.”

Soon after the startup’s denial, Atlassian changed its stance to align more closely with Envoy. They later said an employee posted their credentials on a public repository by mistake.

Damage Control:- 

Atlassian said they disabled the account of the said employee so there is no more threat to Atlassian’s Envoy data. Therefore Atlassian product and customer data is not accessible via the Envoy app and therefore not at risk.”

“The safety of Atlassians is our priority, and we worked quickly to enhance physical security across our offices globally. We are actively investigating this incident and will continue to provide updates to employees as we learn more.”

Mitigation:- 

It has become increasingly common for hacker groups to target individual employees or devices to gain access to enterprise systems. If an attacker is able to obtain an employee’s credentials, they can use that information to infiltrate the organization. To mitigate this risk, some experts recommend using a passwordless solution like PureAUTH. By eliminating passwords, organizations can significantly reduce the likelihood of future breaches and minimize their exposure to unforeseen vulnerabilities.

Resolution 2023 | Making World Password Free
Know Your Code Infrastructure (CIx)

Password Managers are the Hot Targets 

Posted on by Srishti Chaubey

Lastpass reported a security breach a month ago, which is the 8th security incident in the last 11 years. This incident was followed by a recent disclosure by a Google researcher. Many popular password managers like Dashlane, Bitwarden, and Safari can be phished.

There are many lessons that we all need to learn from these recurring incidents. This post is to uncover few points that we have seen have not been discussed by the info-sec community and the industry.

The Catch-22 – Phish or no Phish?

LastPass warned its users of an increased likelihood of Phishing attacks, Credential Stuffing, or other brute force attacks against online accounts associated with their LastPass vault.

Password Managers getting phished is an alarming situation

This statement goes against what all the password managers like LastPass claims – “use of password manager protects users from phishing attacks“.

In recent times there have been more incidents where password managers have been proved vulnerable to phishing attacks. You can find more details in this article Popular password managers auto-filled credentials on untrusted websites 

The Impact

In their blog post, Lastpass reported that customer’s personal information like email, phone number, billing address, IP address have been compromised. That is not all, what LastPass has not talked about is the additional information they collect from their users using their mobile app. 

The screenshots below show the permissions that Lastpass app takes on a user’s phone.

Permission take by LastPass app on an Android device

These permissions enable the application provider like LastPass (other password managers take similar types of permission on user’s device) to collect more information about the user than probably needed. 

User Information collected by LastPass app

In case of a breach, like what happened with LastPass, the severity of the incident and privacy impatc will be more if any additional information collected from the user’s phone is also leaked.

The Passwords

Furthermore, LastPass has reported that customer’s vault containing clear text data, such as website url, and encrypted data of username and password were also obtained by the threat actors. 

Lastpass emphasised on the use of master key, and how a threat actor can not decrypt the password vault even if they have the encrypted data, as the master key, which is a master password set by the user and is not stored on lastpass network. 

While 1Password, a rival firm of Lastpass, claims through their blog that passwords of LastPass can be cracked in $100. They also talk about their superior method of  using secret key and Password Authenticated Key Agreement systems, which makes 1Password’s systems next to impossible to crack. 

With the device specific keys mentioned by 1Password, we feel syncing of the passwords across multiple devices becomes a risky affair. Since passwords need to be decrypted on another device and it needs the user chosen master password as well as the secret key from the earlier device. This problem cannot be solved without exposing the secret key or the user’s passwords (encrypted just with the user chosen master password), in transit. 

Conclusion

After a series of events involving Password Management products, enterprise must seriously think about how safe their user’s data and passwords really are. 

Not to forget, server doesn’t care if the password is coming from a password vault or from an adversary, the server will authenticate as long as it can match the string. So no matter, how and where you store passwords, as long as there as passwords, Enterprises are always at risk.

For a better security, Enterprise must plan to remove passwords from their applications, servers and #GoPasswordless

Another Password Manager Breached – Norton

Posted on by Srishti Chaubey

In January, 2023 Gen Digital, a firm previously popular as Symantec and NortonLifeLock , found itself targeted by a significant Credential Stuffing attack. The attack resulted in the compromise of thousands of user accounts.

Just weeks prior to this incident, LastPass, a prominent competitor of Gen Digital in the password manager market, fell victim to a breach. This breach followed a prior cyberattack against LastPass in August. According to LastPass, the hackers leveraged technical data pilfered during the August cyberattack to gain unauthorized access to its cloud storage system.

It’s worth noting the irony here – the very software designed to fortify defences against cyber attacks found itself in the crosshairs of one. To draw a parallel, it’s akin to a scenario where the police station itself becomes the target of a burglary.

Credential Stuffing

Credential stuffing refers to the use of credentials such as username, email id and personal information from previous security breaches. These credentials are fed to other login systems to gain access to other websites. Unlike other cyber attacks, Credential Stuffing does not require brute force. Instead it uses a simple web solution to stuff thousands of stolen credentials into login systems. Credential stuffing is one of the oldest tricks in the book. It’s very easy to fall victim if one uses the same or similar credentials on multiple sites.

Lost one password? Alas you lost them all - Norton Credential stuffing attack.

I recently explored the website “Have I been pwned” and was shocked to see one of my personal email ids compromised in a previous attack. Going through their listing on breached websites made me realise how unsafe our credentials and information are, and how easily one can gain access to it.

Impact of the Incident

In an internal investigation in December 2022, NortanLifeLock detected “unusually large volume” of login attempts. They found that a malicious actor was using a list of credentials obtained from illegal marketplaces on “dark web”.

Nortan commented that 925,000 people were targeted in a credential-stuffing attack. It is probable that the data does contain names, phone numbers and addresses of users. The attackers might also have access to Norton Password Manager users’ private vault data. This vault contains stored passwords for other online accounts. The firm is not commenting on how much customer data actually got a negative impact because of the attack.

Nortan relaeased a warning to it’s users after failing to reject the mass login attempt. They indicated that they “strongly believe that an unauthorised third party knows and has utilised your username and password for your account.” They also suggested the users to use 2 step authentication systems and provided free credit monitoring services to affected users.

Amplification Effect

The Password managers are a hot target because they provide adversaries with an amplified power to gain access to multiple accounts by compromising one password manager account.

As they say putting all the eggs in one basket is a bad strategy. Keeping all passwords in one manager will have a huge impact if compromised.

Passwords are not assets; they represent security vulnerabilities. Rather than locking them away in a vault, consider going passwordless. #GoPasswordless

Passwords are like Plastic; Lets get rid of ’em

Posted on by Ajit Hatti

Passwords are at the foundation of security and access control ever since humans felt the need of securing resources and access to it. Passwords have been used and abused since millennium and the best documented example of this is “Open Sesame”. 

The surprising fact is even after millennium passwords are ubiquitous, and mean anything but security. The World Password Day is coming up on 7th of May 2020,  let us see what we have learned in the last decade about passwords.

Passwords are Pain

Passwords are pain for an enterprise, right from its users to administrators.

Pain to Manage

A 2016 survey conducted by Intel Security concluded that an average person uses 27 discrete online services. For security reasons it is a must to have different passwords for enterprise applications, social networking sites and online banking but at the same time, very painful to remember all of them. People often reuse their enterprise passwords at external sites and vice versa.

Pain to Comply & Govern

Compliance & Governance mandate passwords to be complex and securely stored. Time and again we have seen from the incidents at  Robinhood, GitHub, Facebook, Instagram and Citrix that even world class enterprises fail to comply. Another big governance failure is to restrict unwarranted sharing of credentials and OTP within an organisation.

Enterprise measures for compliance & governance are defeated due to users’ and administrator’s common but insecure practices.

Passwords in plain text
Passwords in plain text

Pain to Secure

Enterprises spend a significant sum to secure passwords by layering them with additional factors. This increases more things to manage and support but still leaves passwords insecure.

Enterprises are insecure as long as they have passwords in their system

Credential sharing
Credential sharing

Passwords are Risk

2018  Verizon Data Breach Investigation Report stated that 81% of the breaches that year involved Passwords. Phishing, credential stuffing and stealing passwords from processes or dumps being the top vectors.

2019  Verizon Data Breach Investigation Report stated Stolen Credentials as a top most risk for an enterprise, along with web-application vulnerabilities and ransomware.

2020 First quarter is over and things have not changed much. So far we have seen several security incidents involving Passwords.

Cognizant breached by Maze ransomware
SFO Airport breached with stolen credentials
Compromised Zoom credentials swapped in underground

Phishing
Phishing

Passwords are Outdated

The universal availability of mobile devices and newer ways  of authentication it offers, has inspired the world to think Beyond Passwords.

Gartner suggests “Eliminate centrally managed passwords for better security, fewer breaches, lower support costs and enhanced user experience.” in its report Passwordless Approach to improve security

Conclusion

This new decade is a time to go passwordless.

© 2024 | PureID. All Rights Reserved

Privacy & Terms | Licenses