Category: IT System Security

Passwordless – the new MFA

“Passwordless” authentication is a recent addition to the cybersecurity arsenal for combating credential theft. Microsoft, Apple and Google have signed up to a joint FIDO Alliance effort to make passwordless sign-in (“passkeys”) the new default. Instead of a secret you type, and can be tricked into typing somewhere else, it relies on a cryptographic key held on your device and unlocked locally by a biometric check or a device PIN; the biometric or PIN itself never leaves the device.

What is passwordless authentication?

Passwordless authentication is based on public-key cryptography, the same technology that secures the connection to your banking application or any other HTTPS site. During an enrollment process your device (a phone, a laptop with a TPM, or a hardware authenticating token) generates a key pair: the private key stays on the device and is never shared outside of it, while the public key is registered with the authentication provider. When the provider receives a login request for your identity, it sends a fresh random challenge to that device. The device will only answer once you prove it is really you locally, with a scan of your face or fingerprint or by entering the device PIN; that local check unlocks the private key, which signs the challenge. The provider verifies the signature against the public key it stored at enrollment and, if it matches, issues the token that unlocks the resource you are seeking access to. That resource can be a web application, your email account, or even your workstation! Because the signed data also covers the identity of the site you are signing in to (the relying party ID), a credential registered for the real site cannot be used to sign in to a look-alike phishing page, and because nothing secret is typed or transmitted, there is no password to steal or replay.

Where do I sign up!

A lot of companies use Microsoft for their endpoint devices. By taking advantage of Azure Active Directory (now Microsoft Entra ID) you can enable passwordless authentication in your Windows environment using the Microsoft Authenticator app (phone sign-in), Windows Hello for Business, or standalone FIDO2 security keys. One caveat: going passwordless removes the password from the user's sign-in, not from the account, so block legacy authentication protocols with Conditional Access as well, otherwise an attacker can simply fall back to password-based sign-in. More information can be found on the Microsoft website here. If you want to see how Henocon can guide you on this journey, you can contact us here.

Zero Day Vulnerability identified in Office Products

A vulnerability in Microsoft Office products, nicknamed “Follina” (CVE-2022-30190), bypasses many of the built-in protections that Office applies to untrusted documents.

This vulnerability leverages the Microsoft Support Diagnostic Tool (msdt.exe), reached through the ms-msdt: URL protocol handler, to execute code on an affected machine, and it bypasses the usual protections that are in place to stop documents running code. The user doesn’t even need to be an administrator! More detail can be found here: https://www.theregister.com/2022/05/30/follina_microsoft_office_vulnerability/

The chain of events leading to this is as follows:

  • The user receives a phishing email carrying a booby-trapped document.
  • When the document is opened, it pulls in an external HTML resource that calls the ms-msdt: protocol handler, which launches the Microsoft Support Diagnostic Tool; in the RTF variant, merely previewing the file in the Explorer preview pane is enough.
  • The diagnostic tool is handed a crafted parameter and spawns a child process that runs the attacker’s code on the user’s machine (usually a PowerShell script).
  • This executes even with macros disabled, so the standard “block macros” advice does not help here!
  • The code runs under the account of the user who opened the document, which gives a malicious actor a foothold from which to attempt privilege escalation.

This is a pretty nasty vulnerability that general security hygiene alone could not prevent: it was exploited in the wild before a patch existed, and the only immediate defence was Microsoft’s interim workaround of disabling the ms-msdt: URL protocol handler until the fix shipped in the June 2022 security updates. An organisation’s response, in particular how quickly it can spot the Office-to-msdt.exe process chain and roll out a workaround, is what makes the difference to its exposure.

If you want to see how Henocon can help with your cybersecurity incident readiness, you can reach out to us here.

IT systems Security Vulnerability Identification Henocon Limited

In what ways does hacking affect your business?

Protect your business IT systems from malicious attack with Henocon Ltd. Know the risks!

Henocon - Online Security

Network Penetration Testing

A penetration test (network penetration testing) is a simulated attack on a computer system or network that looks for exploitable security weaknesses, with a view to fixing them before a malicious attacker finds them.


Security Strategy Planning

Put a proactive plan in place to help avoid a disaster occurring, and to set out how to deal with one should it arise.