Monday, October 25, 2021

Cyber Security Today, Sept. 17, 2021 – Microsoft extends passwordless access, a warning to software developers and how an attack started with a compromised website.

Microsoft extends passwordless access, a warning to software developers and how an attack started with a compromised website.

Welcome to Cyber Security Today. It’s Friday September 17th I’m Howard Solomon, contributing writer on cybersecurity for ITWorldCanada.com.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Earlier this year Microsoft made it easier for IT departments to allow employees to use alternatives to passwords for logging into their Microsoft accounts. Instead they can log in with their image through a video camera or other multi-factor authentication process. This week Microsoft did the same for home users. This is being done because so many people use weak passwords, and so many threat actors have stolen lists of passwords for breaking into systems. So passwordless login is available now or will shortly be available for home users of Microsoft Outlook, OneDrive, Family Security and other Microsoft products. You first need to download and install the Microsoft Authenticator app on a smartphone and link it to your personal Microsoft account. Then log into that account and in the Advanced Security Options section turn on Passwordless Account. Follow the on-screen prompts which send a notification to the Authenticator app. Approve the notification and you’re done. After that you chose which type of authentication you want – your image, a code or a security key. Just remember if the multi-factor system fails the backup is a password.

Lots of software developers use open-source Java, JavaScript, .Net and Python packages as building blocks for their applications. According to a software tool company called Sonatype, there are over 2 million packages available. That’s attracted the attention of threat actors, the company warned in a report released this week. Hackers are quietly injecting vulnerabilities into these open source projects to later exploit them when installed in organizations’ applications. That makes these applications a software supply chain risk. It’s important that application development teams chose which open source projects are acceptable, the report says. Open source components should come from a trusted supplier.

Some companies don’t realize they can be hacked through their web server. This week McAfee detailed a long-term cyber attack against an unnamed organization that IT professionals should read. There’s a link to the report here. The attacker used a lot of techniques to hide on the organization’s computer network and steal data over a number of years. Some techniques included installing new backdoors, and upping the data access privileges the attacker was entitled to. One way attacks can be stalled if not defeated is the use of multifactor authentication so password access can’t be fooled around with. But the main thing I got from this report is that the attacker first compromised this organization was through a web server vulnerability. That’s a lesson to all IT departments.

Finally, in July I warned that as COVID travel restrictions lift scammers are taking advantage. The number of phony airline, car rental and Airbnb websites is increasing, a report noted. This week another report came out with more details. Palo Alto Networks said there has been a substantial increase in the registration of travel-related phishing URLs this year. These sites are used for phishing scams offering supposed airline and vacation deals. Crooks hope victims will click on links so they can capture passwords, personal information and credit card data. As always, be careful with any message that has a link, especially to so-called deals that need to be acted on fast.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Follow this Podcast

More Cyber Security Today