What is passwordless authentication?

Passwordless authentication is based on public-key technology. This is the same technology that secures your connection when logging into your banking application or similar encrypted connection. The private key is associated with a device, such as a phone or authenticating token, and is never shared outside of this. Your device is associated with this key through an enrollment process. When an authentication provider receives a request from your identity, it sends a notification to that device to challenge that it is really you requesting to log in. A successful response to the challenge, such as a biometric scan of your face or your fingerprint, or a successful PIN entry, will then generate a token for the authentication provider to unlock the resource you are seeking access to. This can be a web application, your email account, or even your workstation!

Where do I sign up!

A lot of companies use Microsoft for their endpoint devices. By taking advantage of Azure Active Directory you can enable passwordless authentication in your Windows environment. This can be done with the Microsoft Authenticator, Windows Hello or standalone FIDO2 security keys. More information can be found on the Microsoft website here. If you want to see how Henocon can guide you on this journey, you can contact us here.

The post Passwordless – the new MFA appeared first on Henocon Limited.

This vulnerability leverages the Microsoft Diagnostic tool to execute code on an affected machine, and can bypass the usual protections in place to prevent. The user doesn’t even need to be an administrator! More detail can be found here: https://www.theregister.com/2022/05/30/follina_microsoft_office_vulnerability/

The chain of events leading to this is as follows:

• User receives a loaded email with the bogus document
• The document contains a call which initiates the Microsoft Diagnostic tool when opened
• The diagnostic tool spawns a child process which can then execute the code on a user’s machine (usually a PowerShell script)
• This will execute even with macros disabled!
• While the code is run under the user account that opened the document, this opens up another attack path for a malicious actor to elevate privilege.

This is a pretty nasty vulnerability that couldn’t necessarily be prevented by general security hygiene. However, an organisation’s response to this can make all the difference when it comes to your exposure.

If you want to see how Henocon can help with your cybersecurity incident readiness, you can reach out to us here

The post Zero Day Vulnerability identified in Office Products appeared first on Henocon Limited.

3 out of 10 Irish Law Firms subject to Cyber attack

It was announced in a study by Amárach Research today that there has been a major increase (approximately 50%) in the number of Irish law firms subject to a cyber attack in the past year. Unfortunately the scale of the problem may even be worse as a lot of cyber attacks go unreported.

Given the sensitive nature of the personal data that law firms process, and the ever increasing threat and sophistication of online attacks, Henocon cyber security specialists can help law firms keep ahead of attacks.

1. Henocon can provide complete visibility of any vulnerabilities which exist from the perimeter of your network, throughout your infrastructure and right down to your end user’s desktop. Penetration Testing is a method of finding vulnerabilities – before the bad guys do.
2. Infrastructure Hardening can be done following a Penetration Test or can also be done proactively to reduce the surface an attacker can exploit. Henocon can strengthen the security of most devices and application in your infrastructure to ensure that there is no weak link in the chain.
3. As a Penetration Test is a snapshot of your vulnerability at a point in time (and likely to change as more vulnerabilities and exploits become available). Henocon can work with you to put a proactive plan in place to help avoid a disaster occurring, and how to deal with a disaster should it arise.

The post 3 out of 10 Irish Law Firms Subject to Cyber Attacks in 2016 appeared first on Henocon Limited.

The post In what ways does hacking affect your business? appeared first on Henocon Limited.

Be Proactive about your risks

Penetration Testing is a method of testing different areas of a business (network, infrastructure, personnel) to identify ways they could potentially be breached, with a view to preventing malicious attacks. The technology has been developing for decades, but is increasing in necessity in recent years due to the dependence of companies on IT for business critical operations.

The responsibility on businesses (in particular those in financial, legal and medical practices), to protect their clients’ personal information is increasing. Penetration testing can assist with achieving compliance with industry data protection standards.

The post Network Penetration Testing appeared first on Henocon Limited.

Network Infrastructure Hardening

It is important to strengthen the security of the devices and applications in your infrastructure to ensure that there is no weak link in the chain. Areas that could be a point of failure:

• Firewalls, switches, routers etc.
• Servers, desktops, thin clients etc.
• Web applications, internet facing services (remote desktop, email, etc.)
• Users! (Training)

Infrastructure Hardening can be done following a Penetration Test or can also be done proactively to reduce the surface an attacker can exploit.

The post Network Infrastructure Hardening appeared first on Henocon Limited.

Security Strategy Planning

As a Penetration Test is a valuable snapshot of your vulnerability at a point in time, it is likely to change as more vulnerabilities and exploits become available.  Be sure you to put a proactive plan in place to help avoid a disaster occurring, and how to deal with a disaster should it arise.

Things you should consider doing:

• Develop a Patch Management Schedule so you can take advantage of your vendors own-supplied security patches as and when they become available.
• Formulate a Disaster Recovery Plan, so that in the event of an attack you can quickly get your business back up and running

Design, plan and configure a Security Infrastructure. This could involve sourcing new equipment or application or re-configuring your existing infrastructure to utilise its full security potential.

The post Security Strategy Planning appeared first on Henocon Limited.