Últimas notícias

Fique informado

NSA Cybersecurity Advisory: Malicious Actors Abuse Authentication Mechanisms to Access Cloud Resources

20 de dezembro de 2020


Empresas priorizam a proteção de dados do cliente, mas continuam deixando-os expostos, revela o estudo global de tendências de criptografia de 2021 da Entrust

Realizado pelo Ponemon Institute, o 16º estudo anual destaca que metade das organizações finalmente alcançaram uma estratégia de criptografia consistente e outras tendências importantes em criptografia e cibersegurança.

14 de abril de 2021

Philip R. Zimmermann, one of the most important cryptografer, present a new webserie. Do not miss the 1st episode!

AET Security Topics | EP1: Post-Quantum Algorithms. Philip R. Zimmermann, um dos maiores criptógrafos, apresenta a nova webserie da AET Europe.

9 de abril de 2021

Viviane Bertol explica o que é AR Eletrônica e fala sobre os novos procedimentos de validação da ICP-Brasil

Drª Viviane Bertol, fala sobre os novos procedimentos da ICP-Brasil, panorama mundial de eIDs e sobre LGPD.

8 de abril de 2021

Kryptus fala sobre o Blockchain na estrutura de Carimbo do Tempo da ICP-Brasil

A ICP-Brasil abrigará o novo protocolo de carimbo do tempo com a adoção da tecnologia Blockchain e a Kryptus explica como.

31 de março de 2021

Ft. MEADE, Md., Dec. 17, 2020 —

In response to ongoing cybersecurity events, the National Security Agency (NSA) released a Cybersecurity Advisory Thursday “Detecting Abuse of Authentication Mechanisms.”

This advisory provides guidance to National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) network administrators to detect and mitigate against malicious cyber actors who are manipulating trust in federated authentication environments to access protected data in the cloud. It builds on the guidance shared in the cybersecurity advisory regarding VMware with state-sponsored actors exploiting CVE 2020-4006 and forging credentials to access protected files, though other nation states and cyber criminals may use this tactic, technique, and procedure (TTP) as well.

This advisory specifically discusses detection and mitigation of two TTPs to forge authentications and gain access to a victim’s cloud resources.

While these TTPs require the actors to already have privileged access in an on-premises environment, they are still dangerous as they can be combined with other vulnerabilities to gain initial access, then undermine trust, security, and authentication. Initial access can be established through a number of means, including known and unknown vulnerabilities.

The recent SolarWinds Orion ® code compromise is one serious example of how on-premises systems can be compromised, leading to abuse of federated authentication and malicious cloud access.

Mitigation actions include hardening and monitoring systems that run local identity and federation services, locking down tenant single sign-on (SSO) configuration in the cloud, and monitoring for indicators of compromise. NSA remains committed to providing provide timely, actionable and relevant guidance, and is partnering across the public and private sectors in ongoing incident response efforts. Releasing this advisory with further technical guidance allows NSA’s customers to apply preventative measures to the fullest extent along with the detection and mitigation actions.

For a quick summary on how you can take action, take a look at our.

Fonte: NSA

Content Syndication

Content Syndication – the content distribution is a method of republishing content developed by your company on other websites to reach a wider audience and bring new visitors to your site. Contact us about Content Syndication, contato@cryptoid.com.br | +55 11 3881 0019.

Surprise yourself with the quality of our audience! Media Kit.