The recent disclosure about an Okta vulnerability allowing long usernames to bypass login security for three months is a stark reminder of the complexities we face in safeguarding #digitalidentities. It's not just about compliance; it's about anticipating potential weaknesses and proactively closing those gaps before they become a gateway for attackers. This serves as a moment for industry reflection: Are we doing everything possible to secure our clients' data and maintain trust? At Lastwall, we prioritize a security-first approach, embedding rigorous safeguards and #postquantumresilience to ensure that threats, known and emerging, are effectively mitigated. As organizations increasingly depend on robust identity management solutions, the stakes for protecting against potential breaches are higher than ever. #Cybersecurity #whenidentitymattersmost #ZeroTrust Techopedia
Lastwall’s Post
-
🚨"Okta fixes a rather embarrassing, but very serious, password flaw"🚨 Okta recently resolved a significant vulnerability that allowed logins without a password under certain configurations.
🔍 Details:
Issue: Usernames longer than 52 characters could bypass password requirements.
Affected Configurations: AD/LDAP delegated authentication without MFA enabled, with cached prior successful authentications.
Resolution: Okta has issued a fix and recommends checking your logs for any unusual login activity.
This is a reminder of the need for vigilant access management and continuous monitoring to keep systems secure. https://lnkd.in/eNN6SEEy #Cybersecurity #Okta #SecurityUpdate #AccessManagement
Okta fixes a rather embarrassing, but very serious, password flaw
techradar.com
-
Did you know? 🤔 Implementing just-in-time (JIT) privileged access can be a game-changer in minimizing the risk of privilege misuse! This innovative approach to privileged identity management grants privileges temporarily and only when necessary, rather than providing users with continuous high-level privileges. As we navigate through the stormy economies and market changes, the way our organization prepares, withstands, and responds makes all the difference. At One Identity, we're proud to support such bold strategies that strengthen cybersecurity and enable rock-solid, data-informed decisions. Let's continue to innovate and strengthen our cybersecurity resilience. Remember, no matter how complex, Quest is your go-to partner to migrate faster, stay in control and, most importantly, stay secure. #CyberSecurity #Innovation #OneIdentity
Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution
thehackernews.com
-
Stepping up your organization’s #Cybersecurity starts with one solution: getting rid of passwords entirely. Learn why now is the time to embrace #PasswordlessAuthentication. https://cdw.social/47BWQtF #Security #HealthIT
Unlocking Modern Healthcare Security: A Journey Beyond Passwords
healthtechmagazine.net
-
I think of VPNs as inherently secure, so this article caught my eye. Why aren't they? Steve Zurier cites Check Point Software, Keeper Security VP Patrick Tiquet and Jason Soroko, VP at Sectigo. A Check Point analysis found that these VPNs used local accounts protected by password authentication, and that VPNs should use certificate-based authentication. Tiquet called this a "glaring vulnerability," adding that this goes against the latest best practices. I found a post by Michelle Davidson on GlobalSign that took me back to my Security+ study, defining CBA as simply being a cryptographic digital certificate. They eliminate the need for password hygiene and are easy to deploy with no burden on users. I had not realized that they can identify machines too, not just users, when combined with MFA. Soroko concurred and stated that username and password authentication are "now below the threshold of basic security," and that CBA is now the de facto technology. Check Point explained that threat actors would appear as legitimate users when coming in through VPNs, their goals being the usual finding data and user identities, achieving lateral movement and persistence on the networks. They named the exploit CVE-2024-249149 and developed a fix. It was only a small number of their customers, but this just emphasizes that probably nothing on our networks is inherently secure. It's cybersecurity's job to overlook nothing and update everything. https://lnkd.in/gJfTr9MG
Attackers target old VPN accounts that relied on passwords
scmagazine.com
-
🔑 Identity isn’t enough. Privileged access needs extra layers of security. From privilege elevation to quantum-safe connections, here are 7 bolt-ons IAMs like Entra ID need now. Secure your critical sessions. Read more: https://lnkd.in/gMXYFq8n #cybersecurity
Seven Bolt-Ons to Make Your Entra ID More Secure for Critical Sessions
thehackernews.com
-
Passwords are a hassle to deal with. Having to constantly change them is a pain and difficult to get everyone on board. Changing passwords only if leaked or weak should be the new norm. RCDevs has the solution. Check it out. #passwords #cybersecurity
Better Security with OpenOTP's Weak & Pwned Password Detection
rcdevs.com
-
#SingleSignOn (#SSO) streamlines the authentication process, provides centralized control over access management, and reduces the risk of weak or reused passwords. This article delves into the importance of SSO for #SMB #security, exploring its benefits and how it can help protect against unauthorized access and data breaches. https://lnkd.in/eVJimb73
Single Sign-On (SSO) for SMB Security
https://altourage.com
-
Okta's recent alert of "unprecedented" #CredentialStuffing attacks marks yet another wake-up call for businesses everywhere. The spike in automated attacks using stolen credentials showcases the persistent vulnerability even in sophisticated #IAM systems. Okta's report highlights that even top-tier security setups can be at risk without proactive measures. This incident underscores a critical lesson: Traditional password-based security is no longer enough. It's time to fortify defenses with advanced solutions like Nametag, which offers secure, self-service #IDV that integrates seamlessly with Okta to shut down these threats before they start. Protect your organization’s frontline. Don’t wait for a breach to rethink your security strategy. Learn more about Okta's latest credential stuffing attack over on BleepingComputer:
Okta warns of "unprecedented" credential stuffing attacks on customers
bleepingcomputer.com
-
Dive into our latest blog post: "Navigating the Zero Trust Networks: IAM as the Sentinel of Security" Discover how Identity and Access Management (IAM) plays a crucial role in safeguarding your digital fortress. In an era where trust is never assumed, learn the strategies to ensure your network remains impenetrable. https://lnkd.in/dqxBBpDC #Auxin #AlphaScale #CyberSecurity #InfoSec #DataProtection
Navigating the Zero Trust Networks: IAM as the Sentinel of Security
https://auxin.io
-
Seven Bolt-Ons to Make Your Entra ID More Secure for Critical Sessions https://lnkd.in/gMXYFq8n #infogov #informationgovernance #boltons #entraid #cybersecurity
Seven Bolt-Ons to Make Your Entra ID More Secure for Critical Sessions
thehackernews.com