now browsing by tag
Azure® is a cloud infrastructure provider that offers compute, storage, and other infrastructure platforms, such as Office 365. Azure introduced its own identity management solution called Azure Active Directory® (AD), but this doesn’t serve as a solution for bringing the on-prem directory service, Active Directory, to the cloud. Though Azure does not offer its own RADIUS server, RADIUS-as-a-Service solutions make it simple to level up the security of WiFi and VPN networks.
What Does Azure AD Do?
Azure AD incorporates a user management function (like authentication and authorization) for Azure services (like compute, storage, and applications). Azure AD provisions, deprovisions, and modifies user access to Azure-related services such as Windows® servers and Office 365.
It also does web application single sign-on, enabling SSO for Office 365, Salesforce®, Dropbox, and other select applications to be accessed with a singular identity.
What Azure AD doesn’t offer is an integrated, hosted, and managed RADIUS solution, making it difficult to manage access to VPNs and on-prem WiFi and forcing IT admins to leverage other mechanisms to manage user access. Often this means setting up their own RADIUS servers (i.e. FreeRADIUS or Windows NPS) to keep their networks secure.
Azure AD RADIUS Authentication Services
Because Azure AD doesn’t have native RADIUS server functionality, IT admins need to employ different methods for securing their on-prem wireless Internet access.
For instance, admins can host a RADIUS server in Azure, either through an NPS extension or through FreeRADIUS, but this process is time consuming, requiring extensive self-implementation and potentially forcing IT admins to stray away from cloud-based services and applications that shift the heavy lifting of the infrastructure to a third party. Beyond that, admins still have to integrate the RADIUS infrastructure back into whatever core directory service they are using.
Azure AD does offer IT admins the ability to configure Azure MFA servers for RADIUS authentication through an NPS extension, or they can implement their own FreeRADIUS authentication source to be linked back to AD.
However, Microsoft’s solution is limited in that it only supports RADIUS authentication (Read more…)
The post #cybersecurity | #hackerspace |<p> RADIUS Server in Azure – Security Boulevard <p> appeared first on National Cyber Security.
View full post on National Cyber Security
Source: National Cyber Security – Produced By Gregory Evans IT admins have long been the unofficial repair technicians of the enterprise. However, instead of hammers and wrenches, the tool kit of the IT admin contains servers, cables, and software tools. Unfortunately, one of the most popular IT admin tools, Microsoft® Active Directory® (AD), isn’t working […] View full post on AmIHackerProof.com
Even with modern authentication methods like biometrics entering the fray, helping users reset their passwords remains a time-consuming task for IT admins. Reasons why this problem persists include end user knowledge, poor tooling, and unintegrated identity and access management (IAM) solutions. If you’re looking to automate password resets, a cloud solution offers a way to […]
The post Automate Password Resets appeared first on JumpCloud.
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Ryan Squires. Read the original post at: https://jumpcloud.com/blog/automate-password-resets/
The post #cybersecurity | #hackerspace |<p> Automate Password Resets – Security Boulevard <p> appeared first on National Cyber Security.
View full post on National Cyber Security
Though ransomware attacks aren’t a recent phenomenon, they do seem to be increasing in frequency and intensity. If society has grown used to these kinds of cyberattacks, that’s about to change—with the reports of 20+ Texas governmental entities recently being simultaneously hit in a coordinated attack, there may be a new and even scarier method of extorting entities for their data.
By definition, ransomware is a type of malware code that uses virtually unbreakable encryption to deny user access to a company’s systems. By the time of the actual attack, the perpetrator has already done reconnaissance to find weaknesses in the chosen system, which they then exploit that to find important data, manipulating the environment to where the affected entity cannot touch its own information. The victim then receives a message demanding some kind of payment—bitcoin being a preferred option—to unlock the files or systems. In short, ransomware operates exactly as a hostage situation seen in films and television shows: The hacker literally hoards the keys to the company’s kingdom, only relinquishing them when their demands are met.
The first known ransomware attack was in 1989 and was conducted using snail-mailed floppy disks. Technology has come a long way since then and today’s attacks are much easier to carry out; they’re more lucrative, as well. Typically, ransom requests generally average around $500 USD—a seemingly tiny sum for entities worth billions. No matter what the amount, these financial after-effects are obviously painful for the victims, and sometimes the companies attacked aren’t always the sole injured party. After the 2018 attack on the City of Atlanta, wherein the ransom was $50,000 USD in bitcoin, the additional remediations totaled more than $2.6 million taxpayer dollars. However, $50,000 is a drop in the bucket for these new attackers in Texas—after their government attack, they’ve demanded a collective $2.5 million, a serious upgrade in reward for their criminal risk.
So what else makes these recent attacks in Texas unique? For one thing, nearly two dozen entities were hit in one fell swoop, something that smacks of more sophisticated methods and patience on behalf of the attacker or attackers. The 2016 Verizon Data Breach Investigations Report said phishing is the No. 1 cause of data breaches, and spear-phishing could be how the Texas criminals gained access to inject their malware. Spear-phishing is the use of targeted emails that, when the recipient clicks on a link in that message, allows the cybercriminal to obtain sensitive information—i.e., credentials—or install that malware into the company’s systems. If this is indeed how the bad actor infected government entities in Texas one by one, it shows some patience to wait until they had an opening into a number of systems, then coordinating the lockup to happen all at once. Local governments are a prime target for these kinds of hacks, and the size of this one has prompted a huge, statewide response.
Though Texas is just the latest victim, what’s scarier is that these cybercriminals and their methods will only get better and more exotic. How long before bots start locking hundreds of systems at once? Already there are ransomware-as-a-service providers that enable even the most novice cybercriminals to hack in with tools such as CryptoWall, Locky and TeslaCrypt. For everyone with data to protect, the idea is terrifying, and society isn’t doing much to help themselves—there is definitely more that could be done.
In the analog world, companies and governments actually play a part in aiding the cybercriminals when they fail to report. Even if they don’t announce the attack publicly, sometimes it’s still obvious that it happened, such as when a local or county government suddenly cannot produce vital records or process things like permits and marriage licenses. Other private companies might be down for a short amount of time, failing over to backup systems, but still in danger of at least temporarily losing some data depending on their backup frequency. As the attacks continue to intensify and grow stronger, companies must take steps to protect themselves and not give the criminals any wiggle room.
So, what are these steps? What can be done to mitigate these attacks and lessen the risk of it happening?
- Make sure to run the latest patches on systems, as well as the latest versions of applications—even middleware and those on the back end.
- If there is no InfoSec team dedicated to overall, company-wide security, invest and put one together as soon as possible.
- Leverage industry-standard (ex: NIST, SANS) and compliance guidelines such as PCI, ISO, HIPAA, etc. to make sure at least most security bases are covered.
- Educate your employees on how to spot phishing and vishing attempts.
It’s that last point that is most critical. Unfortunately, humans will always be the biggest risk to an organization’s security, and therefore, employee education is key. In this spirit, prepare and execute a robust security awareness campaign and conduct regular training sessions. Then, after you’ve completed the training and education, do it again—keep at it until security isn’t a thought anymore because it’s part of everybody’s routine, daily processes. Ransomware attacks aren’t a new or recent development, but as they continue to develop in strength and the potential for bigger financial penalties continues to grow, it’s always better to be safe rather than sorry.
The post #cybersecurity | #hackerspace |<p> Ransomware Attacks Keep Growing – Security Boulevard <p> appeared first on National Cyber Security.
View full post on National Cyber Security