Author: Ed Heneghan

Passwordless – the new MFA

“Passwordless” authentication is a recent addition to the cybersecurity arsenal for combating credential theft. Microsoft, Apple and Google have recently signed up to a joint effort to make passwordless the new default. Instead of a password, it relies on another mechanism, such as a biometric check or a device PIN.

What is passwordless authentication?

Passwordless authentication is based on public-key technology, the same technology that secures your connection when you log in to your banking application or any other encrypted service. The private key is associated with a device, such as a phone or an authenticating token, and never leaves it. Your device is linked to this key through an enrollment process. When an authentication provider receives a login request for your identity, it sends a challenge to that device to confirm that it really is you requesting to log in. A successful response to the challenge, such as a biometric scan of your face or fingerprint or a correct PIN entry, then generates a token that the authentication provider uses to unlock the resource you are seeking access to. This can be a web application, your email account, or even your workstation!
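As an added illustration (not part of the original post, and not code from Microsoft, Apple or Google), the Go program below models the enrollment and challenge-response flow just described: the device generates an Ed25519 private key that never leaves it, the provider stores only the public key, the device signs a challenge only after a local user-verification step, and each challenge is accepted once. The Device and Provider types, the PIN standing in for the biometric check and the sample identity are assumptions made for this example; a real FIDO2/WebAuthn deployment adds origin binding, attestation and signature counters on top of this core.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Device stands in for the user's phone or security key. Its private key
// is generated on the device and never leaves it. The PIN simulates the local
// user-verification step (biometric or device PIN); it is never sent anywhere.
type Device struct {
	priv ed25519.PrivateKey
	pin  string
}

// Provider stands in for the authentication provider. It only ever holds
// public keys plus the single outstanding challenge per identity.
type Provider struct {
	enrolled   map[string]ed25519.PublicKey
	challenges map[string][]byte
}

func NewProvider() *Provider {
	return &Provider{
		enrolled:   map[string]ed25519.PublicKey{},
		challenges: map[string][]byte{},
	}
}

// NewDevice generates the device-bound key pair.
func NewDevice(pin string) (*Device, error) {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Device{priv: priv, pin: pin}, nil
}

// Enroll links the device's public key to an identity (the enrollment step).
func (p *Provider) Enroll(identity string, d *Device) {
	p.enrolled[identity] = d.priv.Public().(ed25519.PublicKey)
}

// Challenge issues a fresh 32-byte random nonce for a login attempt.
func (p *Provider) Challenge(identity string) ([]byte, error) {
	if _, ok := p.enrolled[identity]; !ok {
		return nil, errors.New("identity not enrolled")
	}
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		return nil, err
	}
	p.challenges[identity] = c
	return c, nil
}

// Respond signs the challenge, but only after local user verification succeeds.
func (d *Device) Respond(challenge []byte, enteredPIN string) ([]byte, error) {
	if enteredPIN != d.pin {
		return nil, errors.New("user verification failed")
	}
	return ed25519.Sign(d.priv, challenge), nil
}

// Verify checks the signature against the enrolled public key and consumes
// the challenge, so a captured response cannot be replayed.
func (p *Provider) Verify(identity string, challenge, sig []byte) bool {
	expected, ok := p.challenges[identity]
	if !ok || !bytes.Equal(expected, challenge) {
		return false
	}
	delete(p.challenges, identity)
	return ed25519.Verify(p.enrolled[identity], challenge, sig)
}

// Login runs the whole exchange and reports whether the provider accepted it.
func Login(p *Provider, identity string, d *Device, enteredPIN string) (bool, error) {
	c, err := p.Challenge(identity)
	if err != nil {
		return false, err
	}
	sig, err := d.Respond(c, enteredPIN)
	if err != nil {
		return false, err
	}
	return p.Verify(identity, c, sig), nil
}

func main() {
	p := NewProvider()
	d, err := NewDevice("1234") // constructed sample PIN
	if err != nil {
		panic(err)
	}
	p.Enroll("alice@example.com", d) // constructed sample identity
	ok, err := Login(p, "alice@example.com", d, "1234")
	fmt.Println("correct PIN accepted:", ok, err)
	ok, err = Login(p, "alice@example.com", d, "0000")
	fmt.Println("wrong PIN accepted:", ok, err)
}
```

The point to notice is what the provider never sees: neither the PIN nor the private key crosses the network, so a breach of the provider's store yields only public keys, and a response captured in transit is useless once its challenge has been consumed.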

Where do I sign up?

A lot of companies use Microsoft for their endpoint devices. By taking advantage of Azure Active Directory you can enable passwordless authentication in your Windows environment. This can be done with the Microsoft Authenticator, Windows Hello or standalone FIDO2 security keys. More information can be found on the Microsoft website here. If you want to see how Henocon can guide you on this journey, you can contact us here.

Zero Day Vulnerability identified in Office Products

A vulnerability in Microsoft Office products, dubbed “Follina”, bypasses many of the built-in security protections found in Office.

This vulnerability leverages the Microsoft Diagnostic Tool to execute code on an affected machine, and can bypass the usual protections in place to prevent such execution. The user doesn’t even need to be an administrator! More detail can be found here: https://www.theregister.com/2022/05/30/follina_microsoft_office_vulnerability/

The chain of events leading to this is as follows:

  • User receives a loaded email with the bogus document
  • The document contains a call which initiates the Microsoft Diagnostic tool when opened
  • The diagnostic tool spawns a child process which can then execute the code on a user’s machine (usually a PowerShell script)
  • This will execute even with macros disabled!
  • While the code is run under the user account that opened the document, this opens up another attack path for a malicious actor to elevate privilege.
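As an added detection illustration (not from the original post, and not an official Microsoft or Henocon tool), the Go program below runs the parent-child logic implied by that chain over a few constructed process-creation events: it flags msdt.exe started by an Office application or launched via the ms-msdt: protocol handler, then flags any script host that descends from such a process, which is the "child process" step in the list above. The record fields, the sample events, the diagnostic pack id and the set of Office process names are assumptions made for this example.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

// ProcEvent is a minimal process-creation record. The fields are modelled
// loosely on Sysmon Event ID 1 / Windows Security 4688 (assumption for the example).
type ProcEvent struct {
	PID, PPID   int
	Image       string
	CommandLine string
}

// officeApps are parents that should not normally spawn the diagnostic tool.
var officeApps = map[string]bool{
	"winword.exe": true, "excel.exe": true, "powerpnt.exe": true, "outlook.exe": true,
}

// base lowercases and strips the directory from a Windows image path.
func base(image string) string {
	return strings.ToLower(filepath.Base(strings.ReplaceAll(image, `\`, `/`)))
}

// ancestorIn walks the parent chain of e and returns the first ancestor PID
// present in set, or 0 if none is found.
func ancestorIn(e ProcEvent, byPID map[int]ProcEvent, set map[int]bool) int {
	seen := map[int]bool{}
	cur := e
	for {
		if seen[cur.PID] { // guard against PID-reuse cycles in the data
			return 0
		}
		seen[cur.PID] = true
		parent, ok := byPID[cur.PPID]
		if !ok {
			return 0
		}
		if set[parent.PID] {
			return parent.PID
		}
		cur = parent
	}
}

// DetectFollinaChain returns one finding per suspicious event:
//   - msdt.exe created by an Office application
//   - msdt.exe whose command line carries the ms-msdt: protocol handler
//   - powershell.exe or cmd.exe that descends from a flagged msdt.exe
func DetectFollinaChain(events []ProcEvent) []string {
	byPID := make(map[int]ProcEvent, len(events))
	for _, e := range events {
		byPID[e.PID] = e
	}
	flagged := map[int]bool{}
	var findings []string
	// Pass 1: the diagnostic tool itself.
	for _, e := range events {
		if base(e.Image) != "msdt.exe" {
			continue
		}
		if parent, ok := byPID[e.PPID]; ok && officeApps[base(parent.Image)] {
			flagged[e.PID] = true
			findings = append(findings, fmt.Sprintf("pid %d: msdt.exe spawned by Office process %s", e.PID, base(parent.Image)))
		}
		if strings.Contains(strings.ToLower(e.CommandLine), "ms-msdt:") {
			flagged[e.PID] = true
			findings = append(findings, fmt.Sprintf("pid %d: msdt.exe launched via ms-msdt: protocol handler", e.PID))
		}
	}
	// Pass 2: script hosts anywhere below a flagged msdt.exe (the child-process step).
	for _, e := range events {
		name := base(e.Image)
		if name != "powershell.exe" && name != "cmd.exe" {
			continue
		}
		if anc := ancestorIn(e, byPID, flagged); anc != 0 {
			findings = append(findings, fmt.Sprintf("pid %d: %s descends from flagged msdt.exe pid %d", e.PID, name, anc))
		}
	}
	return findings
}

// SampleEvents is a constructed process tree, not a real capture: one Word
// document launching msdt.exe, plus a benign msdt.exe and a benign PowerShell.
var SampleEvents = []ProcEvent{
	{PID: 100, PPID: 1, Image: `C:\Windows\explorer.exe`, CommandLine: "explorer.exe"},
	{PID: 200, PPID: 100, Image: `C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE`, CommandLine: `"WINWORD.EXE" /n "C:\Users\u\Downloads\invoice.docx"`},
	{PID: 300, PPID: 200, Image: `C:\Windows\System32\msdt.exe`, CommandLine: `"msdt.exe" ms-msdt:/id SAMPLE_DIAGNOSTIC_PACK`},
	{PID: 400, PPID: 300, Image: `C:\Windows\System32\sdiagnhost.exe`, CommandLine: "sdiagnhost.exe"},
	{PID: 500, PPID: 400, Image: `C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe`, CommandLine: "powershell.exe -NoProfile"},
	{PID: 600, PPID: 100, Image: `C:\Windows\System32\msdt.exe`, CommandLine: "msdt.exe"}, // troubleshooter started by the user
	{PID: 700, PPID: 100, Image: `C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe`, CommandLine: "powershell.exe"},
}

func main() {
	for _, f := range DetectFollinaChain(SampleEvents) {
		fmt.Println("ALERT:", f)
	}
}
```

The benign msdt.exe started from Explorer and the stand-alone PowerShell session produce no findings; the detection rests on the relationship between processes rather than on any one process name, which is why the same logic keeps working when macros are disabled and no macro-related telemetry exists.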

This is a pretty nasty vulnerability that couldn’t necessarily be prevented by general security hygiene. However, an organisation’s response to this can make all the difference when it comes to your exposure.

If you want to see how Henocon can help with your cybersecurity incident readiness, you can reach out to us here.

3 out of 10 Irish Law Firms Subject to Cyber Attacks in 2016

It was announced in a study by Amárach Research today that there has been a major increase (approximately 50%) in the number of Irish law firms subject to a cyber attack in the past year. Unfortunately the scale of the problem may even be worse as a lot of cyber attacks go unreported.

Given the sensitive nature of the personal data that law firms process, and the ever increasing threat and sophistication of online attacks, Henocon cyber security specialists can help law firms keep ahead of attacks.

  1. Henocon can provide complete visibility of any vulnerabilities which exist from the perimeter of your network, throughout your infrastructure and right down to your end user’s desktop. Penetration Testing is a method of finding vulnerabilities – before the bad guys do.
  2. Infrastructure Hardening can be done following a Penetration Test or can also be done proactively to reduce the surface an attacker can exploit. Henocon can strengthen the security of most devices and application in your infrastructure to ensure that there is no weak link in the chain.
  3. A Penetration Test is a snapshot of your exposure at a point in time, and that exposure is likely to change as more vulnerabilities and exploits become available. Henocon can work with you to put a proactive plan in place to help avoid a disaster occurring, and to deal with a disaster should it arise.

In what ways does hacking affect your business?

Protect your business IT systems from malicious attack with Henocon Ltd. Know the risks!

Henocon - Online Security

Network Penetration Testing

A penetration test (network penetration testing) is a simulated attack on a computer system that looks for security weaknesses, with a view to preventing malicious attacks.

Network Infrastructure Hardening

Network Infrastructure Hardening is the process of securing a system by reducing its attack surface, which grows as the system performs more functions.

Security Strategy Planning

Put a proactive plan in place to help avoid a disaster occurring, and how to deal with a disaster should it arise.