Identity & Access Management

Okta investigating reports of data breach by Lapsus$ ransomware cybercriminal group (updated)

Authentication, Data Breach, Data Privacy, Identity & Access Management / By Frank Crast / March 22, 2022 March 23, 2022 / authentication, Breach, Data Breach, Okta

Identity and authentication services firm Okta is investigating reports that the firm has been breached by the Lapsus$ ransomware cybercriminal group.

FIPS 201-3: Personal Identity Verification (PIV) of Federal Employees and Contractors

Identity & Access Management, Standards & Guidelines / By Frank Crast / January 29, 2022 March 26, 2022 / FIPS, FIPS 201-3, NIST

The U.S. Secretary of Commerce has approved the publication of FIPS 201-3, the National Institute of Standards and Technology (NIST) latest revision of “Personal Identity Verification (PIV) of Federal Employees and Contractors.”

NSA and CISA release guidance on securing remote access VPNs

Access Control, Cybersecurity Articles, Identity & Access Management, Network Security / By Frank Crast / September 29, 2021 March 20, 2022 / CISA, CNSSP, NSA, TLS, VPN

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released a joint Cybersecurity Information Sheet selecting and securing remote access VPNs.

NIST SP 800-204B: Attribute-based Access Control for Microservices-based Applications using a Service Mesh

Identity & Access Management, Standards & Guidelines / By Frank Crast / August 7, 2021 September 18, 2021 / NIST

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-204B Attribute-based Access Control for Microservices-based Applications using a Service Mesh.

Critical ForgeRock Access Management vulnerability (CVE-2021-35464) exploited

Identity & Access Management, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / July 12, 2021 July 12, 2021 / Access Management, ACSC, CVE-2021-35464, ForgeRock, Identity

A Critical ForgeRock Access Management (AM) vulnerability (CVE-2021-35464) has been exploited in the wild. The issue affects ForgeRock’s OpenAM, open-source AM solution.

Hacker remotely accesses Florida water treatment plant, bumps chemical level to “dangerous levels”

Cybersecurity Attacks, Identity & Access Management, Network Security, Remote Access / By Frank Crast / February 10, 2021 September 11, 2021 / critical infrastructure, Florida, Hacker, WTSP

A hacker remotely accessed a Florida city water treatment plant and attempted to increase the chemical level to “dangerous levels” before the cyberattack was thwarted.

NIST SP 800-210: General Access Control Guidance for Cloud Systems

Cloud Security, Identity & Access Management, Standards & Guidelines / By Frank Crast / July 31, 2020 September 11, 2021 / NIST

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-210 General Access Control Guidance for Cloud Systems.

Cisco says telnet vulnerability affects IOS XE software (CVE-2020-10188)

Configuration Management, Identity & Access Management, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / June 26, 2020 June 26, 2020 / Appgate, Cisco, CVE-2020-10188, Debian, Fedora, IOS XE, SSH, Telnet, TTY

Cisco has released a High severity security advisory for a telnet vulnerability that affects Cisco IOS XE software.

Microsoft releases Zero Trust guidance for Azure AD

Cloud Security, Cybersecurity Articles, Identity & Access Management / By Frank Crast / May 3, 2020 June 11, 2020 / Active Directory, Azure, Zero Trust

Microsoft has released new Zero Trust guidance for Azure Active Directory (Azure AD). The guidance is part of a broader “Zero Trust Security Strategy” to help organizations provide more secure access to corporate resources.

Alert: Threat actors continue to exploit patched Pulse Secure VPN devices

Identity & Access Management, Network Security, Password Management, Vulnerabilities & Exploits / By Frank Crast / April 17, 2020 April 17, 2020 / Active Directory, CISA, CVE-2019-11510, DHS, Juniper, passwords, Pulse Secure, VPN

Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.