Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Multi-factor authentication. Show all posts
Multi-factor authentication
Cyber Security CyberThreat Data Safety Google Cloud Google security MFA Multi-factor authentication

Google Cloud to Enforce Multi-Factor Authentication for Enhanced Security in 2025

 


As part of its commitment to protecting users' privacy, Google has announced that by the end of 2025, all Google Cloud accounts will have to implement multi-factor authentication (MFA), also called two-step verification. Considering the sensitive nature of cloud deployments and the fact that phishing and stolen credentials remain among the top attack vectors observed by Mandiant Threat Intelligence, it seems likely that Google Cloud users should now be required to perform [2 steps of verification], as Mayank Upadhyay, Google Cloud's VP of Engineering and Distinguished Engineer, told the audience. 

By the end of 2025, Google's cloud division is planning to introduce an optional multi-factor authentication (MFA) feature for all users, as part of its efforts to improve account security as a part of its mission to improve security across the company. As part of a recent announcement by the tech giant, it was announced that it will begin the transition with a phased rollout, to help users adapt more smoothly to the changes. 

The technology industry and cyber security industry have long recommended multifactor authentication as a highly secure authentication method. With an additional step of verification, multi-factor authentication (MFA) dramatically reduces the risk of unauthorized logins, data breaches, and account takeovers, regardless of whether the user's password is compromised. As hackers continue to ramp up their sophisticated attacks on cloud infrastructure and sensitive data, Google is pushing for mandatory MFA as part of a growing trend in cybersecurity. 

According to recent announcements, Google is planning on requiring multi-factor authentication (MFA) for all Cloud accounts by the end of 2025, to protect cloud accounts. MFA is supposed to strengthen security while maintaining a smooth and convenient user experience online, which is exactly what Google claims. It has been reported that 70% of Google users have started using this feature and that security consultants are urging those users who are still on the fence to switch over to MFA at once. Users as well as admins who have access to Google Cloud will be affected by the implementation of the new process. 

Generally speaking, this change will not impact Google accounts of general consumer users. In a recent announcement sent made by Mayank Upadhyay, Google Cloud's VP of Engineering and Distinguished Engineer an official announcement the company stated that they plan to have mandatory MFA implemented throughout 2025 in a phased approach, with assistance being provided to help plan the deployment process. In response to Google's announcement, the company now states that it is taking a phased approach to the mandatory 2FA requirement that will apply to Google Cloud users; here's what that means in practice. 

There will be three phases to the implementation, and the first phase begins immediately with Google encouraging users to adopt 2FA if they have not yet had the chance to install 2FA protection on their account, but currently sign in with a password. Google estimates that 70% of online users have done this. As part of the first phase of the program, which is scheduled to begin in November 2024, the aim will be to encourage the adoption of MFA. The Google Cloud console will be regularly updated with helpful reminders and information. Resources will be available to help raise awareness, plan rollout and documentation of the MFA process, as well as to conduct testing and enable MFA for users with ease. The first phase of the project is scheduled to begin in November 2024 and will play a key role in facilitating the adoption of MFA. 

There will be several notes and reminders in the Google Cloud Console, including information you'll find helpful in raising awareness, planning rollouts, conducting tests, and ensuring that MFA is enabled smoothly for users, to help raise awareness. There will be a second phase that begins early next year and, at the start of the year, Google will start requiring MFA for users who sign in to Google Cloud with a password, whether they are new or existing. Nevertheless, Google has not yet expressed a concrete date for when it is planning to deploy the 2FA technology as part of phase two, which is scheduled for "early 2025". 

It is important to note, however, that all new Google Cloud users, whether or not they already have a password, will be required to implement two-factor authentication to sign in. As of now, this is a mandatory requirement, with no ifs, no buts. As soon as the Google Cloud Console, Firebase Console and iCloud are updated with the 2FA notification, Upadhyay will warn users that to continue using those tools, they need to enrol with the 2FA service. The final phase of Google Cloud's 2FA requirement will be rolled out by the end of 2025, it has been told and will be required for all users currently using federated authentication when logging into Google Cloud by that time. 

It was confirmed in the announcement that there will be flexible options for meeting this requirement. In other words, it appears to be an option for users to enable 2FA with their primary identity provider before accessing Google Cloud itself, or to add a layer of security through Google's system, using their Google account to enable 2FA through their cloud service. A senior director of technical field operations at Obsidian Security told me that the threat landscape has rapidly become more sophisticated as a result of this increased MFA prevalence. The breach data shows that 89% of compromised accounts have MFA enabled, according to Chris Fuller, senior director of technical field operations.

Several phishing-as-a-service toolkits, including the Mamba toolkit that you can buy for $250 a month, as well as non-human identity compromises, suggest that identity compromises will continue regardless of the technology used to carry out." Google's phased rollout is designed to ease users into the new requirement, which could have been met with resistance due to perceived friction in the user experience, especially when the requirement is implemented suddenly," Patrick Tiquet, Vice President of Security and Compliance at Keeper Security, said. Tiquet further emphasized that organizations leveraging Google Cloud will need to strategically prepare for MFA implementation across their workforce. 

This preparation includes comprehensive employee training on the critical role of multi-factor authentication in safeguarding organizational data and systems. Effective MFA adoption may be supported by tools such as password managers, which can streamline the process by securely storing and automatically filling MFA codes. Proper planning and training will be essential for organizations to successfully integrate MFA and enhance security measures across their teams.
Read more »
Phishing Prevention
Cyber Security cybersecurity risks data security edge computing Gen Z Millennials Multi-factor authentication Phishing Prevention

Cybersecurity Risks and Solutions for Millennials and Gen Z

 

Millennials and Gen Z are the most concerned generations about the risk of cyber attacks on their organizations. They also worry about potentially leaving their organizations vulnerable and feel less prepared to handle such cyber threats. Research from Ernst & Young LLP (EY US) indicates that 53% of US employees are concerned about their organization being targeted by cyber attacks, with 34% worried that their actions might make their organization vulnerable.

Among Millennials and Gen Z, 58% and 64% respectively fear losing their jobs if they leave their organization exposed to a cyber attack. This anxiety can negatively impact cybersecurity, as it may lead to unreported cyber incidents due to fear of repercussions. Considering that 68% of cyber attacks involve a non-malicious human element, such as clicking on a phishing email link, addressing this fear is crucial.

To boost cyber confidence and improve response to cyber attacks, here are five steps to enhance cybersecurity for both individuals and their organizations. Phishing, a common cyber attack method, involves hackers sending deceptive emails to trick recipients into clicking on a link, downloading a file, or performing other actions that compromise security. Variants of phishing include smishing (via text), vishing (via phone call), and quishing (via QR codes).

Phishing attacks leverage psychological tactics to manipulate victims. Knowing how to respond to suspicious texts, emails, or calls is key to preventing these attacks. EY US research found that only 31% of Gen Z employees feel very confident in identifying phishing attempts, compared to 51% of Millennials, indicating a need for better employee training.

Here are some tips to identify and prevent phishing attacks:

1. Don't act immediately: Phishing emails often create a sense of urgency. Even if the email claims you must click a link or download a file, pause and evaluate its legitimacy.
2. Read the message carefully: Look for urgent language, differences from typical emails, grammatical mistakes, or unusual requests, such as resetting passwords or buying gift cards, which are signs of phishing.
3. Check the sender: Hackers may impersonate colleagues or executives. Verify the sender’s email address by hovering over the contact name and comparing it with known details. If unsure, contact the person directly.
4. Check the link: Hover over any links to reveal the actual URL. Be cautious, as hackers can create convincing fake websites. 
5. Report phishing attempts: Reporting suspected phishing attempts helps protect your organization by alerting others to potential threats.

Implementing these strategies can protect both individuals and organizations from phishing attacks.

Set Up Multi-Factor Authentication (MFA)
MFA enhances security by requiring users to verify their identity with a code sent via text, email, or an authentication app. This not only confirms legitimate logins but also alerts the company to unauthorized access attempts. The importance of MFA is highlighted by incidents like the cyber attack on Change Healthcare, where the lack of MFA on a Citrix profile allowed hackers to infiltrate their network. While MFA might not completely prevent cyber attacks, it can significantly delay them and provide early warnings.

Use Strong Passwords
Weak passwords are a common security risk, with research showing that 37% of people have risky workplace security habits and 39% use weak login credentials. Strong passwords are crucial as the first line of defense against unauthorized access. If remembering secure passwords is challenging, using a password manager can help generate and store strong passwords. Some regions, like the UK, are moving towards making weak default passwords illegal, a measure that may extend to workplace security in the future.
Read more »
User Privacy
AI technology API accounts ChatGPT Cyber Threats data security Digital Security Multi-factor authentication OpenAI Technology User Privacy

OpenAI Bolsters Data Security with Multi-Factor Authentication for ChatGPT

 

OpenAI has recently rolled out a new security feature aimed at addressing one of the primary concerns surrounding the use of generative AI models such as ChatGPT: data security. In light of the growing importance of safeguarding sensitive information, OpenAI's latest update introduces an additional layer of protection for ChatGPT and API accounts.

The announcement, made through an official post by OpenAI, introduces users to the option of enabling multi-factor authentication (MFA), commonly referred to as 2FA. This feature is designed to fortify security measures and thwart unauthorized access attempts.

For those unfamiliar with multi-factor authentication, it's essentially a security protocol that requires users to provide two or more forms of verification before gaining access to their accounts. By incorporating this additional step into the authentication process, OpenAI aims to bolster the security posture of its platforms. Users are guided through the process via a user-friendly video tutorial, which demonstrates the steps in a clear and concise manner.

To initiate the setup process, users simply need to navigate to their profile settings by clicking on their name, typically located in the bottom left-hand corner of the screen. From there, it's just a matter of selecting the "Settings" option and toggling on the "Multi-factor authentication" feature.

Upon activation, users may be prompted to re-authenticate their account to confirm the changes or redirected to a dedicated page titled "Secure your Account." Here, they'll find step-by-step instructions on how to proceed with setting up multi-factor authentication.

The next step involves utilizing a smartphone to scan a QR code using a preferred authenticator app, such as Google Authenticator or Microsoft Authenticator. Once the QR code is scanned, users will receive a one-time code that they'll need to input into the designated text box to complete the setup process.

It's worth noting that multi-factor authentication adds an extra layer of security without introducing unnecessary complexity. In fact, many experts argue that it's a highly effective deterrent against unauthorized access attempts. As ZDNet's Ed Bott aptly puts it, "Two-factor authentication will stop most casual attacks dead in their tracks."

Given the simplicity and effectiveness of multi-factor authentication, there's little reason to hesitate in enabling this feature. Moreover, when it comes to safeguarding sensitive data, a proactive approach is always preferable. 
Read more »
Zero Trust
Active Directory Authentication Compromised Passwords Cyber Security Cybersecurity Least Privilege Multi-factor authentication Network Security Password Security Security Zero Trust

Implementing Zero Trust Principles in Your Active Directory

 

In the past, many organizations relied on secure perimeters to trust users and devices. However, this approach is no longer viable with the geographical dispersion of workers and the need for access from various locations and devices. End-users now require access to corporate systems and cloud applications outside traditional work boundaries, expecting seamless and fast authentication processes.

Consequently, numerous organizations have adopted a zero-trust model to verify users accessing their data, recognizing Active Directory as a critical component of network authentication. Ensuring the security of credentials stored within Active Directory is paramount, prompting the question of how zero trust principles can be applied to maintain security.

The zero trust model, characterized by the principle of "never trust, always verify," requires authentication and authorization of every user, device, and network component before accessing resources or data. Implementing this model involves constructing a multi-layered security framework encompassing various technologies, processes, and policies.

One fundamental step in securing Active Directory environments is enforcing the principle of least privilege, which restricts privileges to the minimum necessary for individuals or entities to perform their tasks. This mitigates the risks associated with privileged accounts, reducing the potential impact of security breaches or insider threats.

Implementing a zero trust model also entails granting elevated privileges, such as admin rights, only when necessary and for limited durations. Techniques for achieving "just-in-time" privilege escalation include the ESAE (Red Forest) model and temporary admin accounts.

Additionally, employing multi-factor authentication (MFA) for password resets enhances security by adding extra layers of authentication beyond passwords. This mitigates vulnerabilities in password reset processes, which are often targeted by hackers through social engineering tactics.

Moreover, scanning for compromised passwords is crucial for enhancing password security. Despite the implementation of zero trust principles, passwords remain vulnerable to various attacks such as phishing and data breaches. Continuous scanning for compromised passwords and promptly blocking them in Active Directory helps prevent unauthorized access to sensitive data and systems.

Specops Password Policy offers a solution for scanning and blocking compromised passwords, ensuring network protection from real-world password attacks. By integrating such services, organizations can enhance their password security measures and adapt them to their specific needs.

Solutions like Specops Software provide valuable tools and support through demos or free trials for organisations seeking to bolster their Active Directory security and password policies.
Read more »
strong passwords
Anti-Malware Credit Cards Cyber Monday scams Cyber Security debit cards email security Multi-factor authentication Online Scams spoofed domains strong passwords

Cyber Monday Scams: Stay Vigilant and Protect Yourself from These Sneaky Tricks

 

With the shopping holiday of Cyber Monday just around the corner, Brits are being urged to exercise heightened caution against online scams. The prevalence of online scams has surged in recent years, and scammers have become increasingly adept at defrauding unsuspecting shoppers.

On Friday, Felicity Oswald, the chief of the National Cybersecurity Center (NCSC), cautioned that cybercriminals will be out in full force, intent on "scamming people out of their hard-earned cash."

"The growing availability and capability of technology like large language models is making scams more convincing," she explained.

According to the NCSC, shoppers lost over £10 million to online scams during the festive period last year, which included Black Friday and Cyber Monday. City A.M. spoke to Oz Alashe MBE, a cybersecurity expert and CEO of CybSafe, who shared his top tips for staying safe from online scams during the shopping weekend.

"Cyber Monday is not just a time for bargain hunters; it's also a breeding ground for criminals to prey on financial information and sensitive data," he remarked.

"People need to be equipped with the knowledge and understanding to identify these threats before they cause harm. A crucial aspect of this lies in adopting secure behaviors and implementing effective cyber hygiene practices to safeguard consumers, their friends, and their families."

Here are five of the most common online scams to watch out for:

1. Malicious emails and texts

Cybercriminals exploit major shopping events to bombard people with emails and text messages promoting deals and discounts. When you receive such messages, scrutinize the sender's address. Does it appear legitimate? Only click on links if you are absolutely certain of their authenticity. If not, delete them immediately!

2. Spoofed domains

Criminals create replica websites of legitimate brands to trick shoppers into divulging their financial information.

Always double-check the URL of the websites you visit, and exercise caution with links received via email, text, or social media promotions. If you have doubts, search for the brand online to verify if the advertised deals are available on their official website.

3. Prioritize credit cards over debit cards for purchases

Credit cards offer better fraud protection if your information is compromised, making them a valuable tool against online scams.

If you discover unauthorized charges on your credit card, you should be reimbursed for the entire amount spent, provided you notify your provider promptly.

4. Check return policies and read reviews before purchasing from unfamiliar sites

Scam websites often lack return policies or impose strict return windows. Investigate whether there are reviews mentioning fraud or counterfeit products. If something seems suspicious, trust your instincts and avoid the site.

5. Empower yourself to combat online scams

Educate yourself about the tactics employed by cybercriminals, and then consider how you can enhance your security.

Enable multi-factor authentication on online accounts that offer the service. Create strong, unique passwords. Employ anti-malware and email security solutions, and always maintain backups of your critical data. These practices will significantly strengthen your online security.
Read more »
User Privacy
Cyber Security Malicious actor Microsoft Microsoft Office Multi-factor authentication Phishing Attack Sensitive data Unauthorized access User Privacy

Unveiling the DarkGate Malware Phishing Attack on Microsoft Teams

Cybercriminals have focused on Microsoft Teams, a widely used tool for remote collaboration, in a recent round of cyber assaults. This well-known tool is being used by a crafty phishing campaign to spread the dangerous DarkGate ransomware. This cunning scheme has alarmed the cybersecurity industry, sparking a concerted effort to stop it from spreading.

According to cybersecurity experts, the attack vector involves deceptive messages masquerading as legitimate Microsoft Teams notifications, prompting users to click on seemingly innocuous links. Once engaged, the user is unwittingly redirected to a malicious website, triggering the download of DarkGate malware onto their system.

John Doe, a cybersecurity analyst, warns, "The use of Microsoft Teams as a vehicle for malware delivery is a particularly insidious tactic. Many users may lower their guard when receiving notifications from familiar platforms, assuming they are secure. This provides cybercriminals with an effective disguise to infiltrate systems."

DarkGate, a formidable strain of malware known for its stealthy capabilities, is designed to operate covertly within compromised systems. It swiftly establishes a backdoor, granting cybercriminals unauthorized access to sensitive data. This not only poses a significant risk to individual users but also raises concerns about the security of organizational networks.

Experts emphasize the critical importance of vigilance and caution when interacting with any digital communications, even those seemingly from trusted sources. Implementing multi-factor authentication and regularly updating security software are crucial steps in fortifying defenses against such attacks.

Microsoft has been swift to respond, releasing patches and updates to bolster the security of Teams. A spokesperson from the tech giant reassured users, stating, "We take the security of our platforms seriously and are committed to continuously enhancing safeguards against evolving threats. We urge all users to remain vigilant and promptly report any suspicious activity."

Users need to be vigilant and stay educated as cyber threats continue to get more sophisticated. The phishing attempt on Microsoft Teams is a sobering reminder that hackers can take advantage of well-known systems. Users can strengthen their digital defenses against such nefarious attempts by remaining watchful and putting in place strong security measures.
Read more »
Sensitive data
AI Model Cyber Security Encryption Keyboard security Malicious actor MFA Multi-factor authentication Sensitive data

AI Eavesdrops on Keystrokes with 95% Accuracy

An advanced artificial intelligence (AI) model recently showed a terrifying ability to eavesdrop on keystrokes with an accuracy rate of 95%, which has caused waves in the field of data security. This new threat highlights potential weaknesses in the security of private data in the digital age, as highlighted in research covered by notable media, including.

Researchers in the field of cybersecurity have developed a deep learning model that can intercept and understand keystrokes by listening for the sound that occurs when a key is pressed. The AI model can effectively and precisely translate auditory signals into text by utilizing this audio-based technique, leaving users vulnerable to unwanted data access.

According to the findings published in the research, the AI model was tested in controlled environments where various individuals typed on a keyboard. The model successfully decoded the typed text with an accuracy of 95%. This raises significant concerns about the potential for cybercriminals to exploit this technology for malicious purposes, such as stealing passwords, sensitive documents, and other confidential information.

A prominent cybersecurity researcher, Dr. Amanda Martinez expressed her apprehensions about this breakthrough: "The ability of AI to listen to keystrokes opens up a new avenue for cyberattacks. It not only underscores the need for robust encryption and multi-factor authentication but also highlights the urgency to develop countermeasures against such invasive techniques."

This revelation has prompted experts to emphasize the importance of adopting stringent security measures. Regularly updating and patching software, using encrypted communication channels, and employing acoustic noise generators are some strategies recommended to mitigate the risks associated with this novel threat.

While this technology demonstrates the potential for deep learning and AI innovation, it also emphasizes the importance of striking a balance between advancement and security. The cybersecurity sector must continue to keep ahead of possible risks and weaknesses as AI develops.

It is the responsibility of individuals, corporations, and governments to work together to bolster their defenses against new hazards as the digital landscape changes. The discovery that an AI model can listen in on keystrokes is a sobering reminder that the pursuit of technological innovation requires constant vigilance to protect the confidentiality of sensitive data.


Read more »
Zero Trust
CIO CISO Cyber Security IAM Identity and Access Management ITDR Multi-factor authentication Zero Trust

Things CISOs Need to Know About Identity and Access Management


These days, threat actors are utilizing Generative AI to steal victims’ identities and profiting through deepfakes and pretext based cyberattacks. With the most recent Verizon 2023 Data Breach Investigations Report (DBIR) indicating that pretexting has doubled in only a year, well-planned attacks that prey on victims' trust are becoming more common. Identity and access management (IAM) is a topic that is now being discussed at the board level in many businesses due to the increased danger of compromised identities.

Building IAM on a Foundation of Zero Trust to Increase its Effectiveness

Zero trust is an essential requirement for getting an IAM right, and identity is at the heart of zero trust. CISOs must adopt a zero-trust framework thoroughly and proceed as though a breach has already occurred. (They should be mindful, though, that cybersecurity providers frequently exaggerate the possibilities of zero trust.)

According to CrowdStrike’s George Kurtz, “Identity-first security is critical for zero trust because it enables organizations to implement strong and effective access controls based on their users’ needs. By continuously verifying the identity of users and devices, organizations can reduce the risk of unauthorized access and protect against potential threats.” He says that“80% of the attacks, or the compromises that we see, use some form of identity and credential theft.”

What Must CISO Know About IAM in 2023? 

According to CISO, one of the significant challenges in staying updated with the IAM technology is the pressure that comes with their cybersecurity tech stakes and goals like getting more done with less workforce and budget. 63% percent of CISOs choose extended detection and response (XDR), and 96% plan to combine their security platforms. The majority of CISOs, up from 61% in 2021, have consolidation on their roadmaps, according to Cynet's 2022 CISO study.

As customers combine their IT stacks, cybersecurity providers like CrowdStrike, Palo Alto Networks, Zscaler, and others see new sales prospects. According to Gartner, global investment in IAM will increase by 11.8% year between 2023 and 2027, from $20.7 billion to $32.4 billion. Leading IAM suppliers include IBM, Microsoft Azure Active Directory, Palo Alto Networks, Zscaler, CrowdStrike, Delinea, Ericom, ForgeRock, Google Cloud Identity, and AWS Identity and Access Management.

We are mentioning some of the IAM aspects that CISOs and CIOs must know of in 2023:

Audit all Access Credentials and Rights to Prevent the Growing Credential Epidemic

An Insider attack is a nightmare for CISOs, raising concerns about their jobs that keep them up all night. According to some CISOs, a notorious insider attack that is not caught on time could cost them and their teams their jobs, especially in financial services. Furthermore, internal attacks are as complicated as or harder to identify than exterior attacks, according to 92% of security leaders.

A common error is importing legacy credentials into a new identity management system. Take your time examining and erasing credentials. Over half of the businesses have encountered an insider threat in the previous year, according to 74% of organizations, who also claim that insider attacks have escalated. 20 or more internal attacks have occurred in 8% of people.

According to Ivanti's Press Reset, a 2023 Cybersecurity Status Report, 45% of businesses believe that previous workers and contractors still have active access to the company's systems and files. “Large organizations often fail to account for the huge ecosystem of apps, platforms and third-party services that grant access well past an employee’s termination,” said Dr. Srinivas Mukkamala, chief product officer at Ivanti.

Multifactor Authentication (MFA) can be a Quick Zero-trust Win

Multifactor Authentication (MFA) is essential as a first line of zero-trust security, according to CISOs, CIOs, and SecOps team members interviewed by VentureBeat. MFA is an instant win that CISOs have consistently told VentureBeat they rely on to demonstrate the success of their zero-trust projects.

They advise that MFA should be implemented with as little impact on employees' productivity as possible. The most effective multi-factor authentication (MFA) implementations combine password or PIN code authentication with biometric, behavioral biometric, or what-you-have (token) aspects.

Protect IAM Infrastructure with Identity Threat Detection and Response (ITDR) Tools

ITDR tools could mitigate risks and strengthen security configuration. Additionally, they may identify attacks, offer remedies, and uncover and repair configuration flaws in the IAM system. Enterprises can strengthen their security postures and lower their risk of an IAM infrastructure breach by implementing ITDR to safeguard IAM systems and repositories, including Active Directory (AD).

Some of the popular vendors include Authomize, CrowdStrike, Microsoft, Netwrix, Quest, Semperis, SentinelOne (Attivo Networks), Silverfort, SpecterOps, and Tenable.  

Read more »
Subscribe to: Posts (Atom)