Tag Archive for: tools

Teams, Slack, and GitHub, oh my! – How collaborative tools can create a security nightmare

/in


When building Teams security, first determine the level of risk your organization is willing to accept. For example, do you want Teams to be open to anonymous users or limit it strictly to internal users?

To adjust this setting, perform the following steps:

If you decide that guest access is to be allowed on your network, you need to be aware of the potential for Teams to be used as a means for attack. You can improve security by deploying more phishing-resistant authentication methods, such as number matching, rather than merely allowing automatic approval of the prompt.

Next, consider implementing Conditional Access rules. This requires additional licensing to implement but may be wise, as attackers turn more and more to using the cloud as a launching point for attacks.

Conditional access rules will allow you to restrict Microsoft 365 logins by using stronger authentication techniques as well as increasing the various strengths of built-in authentication: Multifactor authentication strength, Passwordless MFA strength, and Phishing-resistant MFA strength.

You may decide to limit your Teams interactions to approved domains rather than leaving it open to new and anonymous users. And of course, educating end users only to accept files from trusted partners is crucial.

Source…

Nation states buying hacking tools from underground Russian cyber forums

/in


Nation states have been identified shopping on Russian cyber crime forums for malware they can use to wipe computers of data in hostile hacking attacks.

Russian-speaking hacking forums, including Exploit and XSS, run black markets in tools and services used by cyber criminals intent on making money by hacking computer systems and stealing data.

According to Sergey Shykevich, a threat intelligence expert at cyber security company Check Point Software, nation states are increasingly using underground cyber crime forums to pose as cyber criminals and hackers.

“Nation states understand that to pretend to be involved in hacktivism allows them deniability,” he told Computer Weekly. “They don’t want to be accused, even if everyone knows it’s Russia, or Iran.”

Russian forums

Some of Russia’s cyber crime forums have been in operation for more than 20 years. One of the oldest Russian-speaking forums is Exploit, which was established in 2000 and contains one million messages on over 200,000 topics, said Shykevich.  

“They offer everything you could imagine,” he told Computer Weekly. “It starts with software vulnerabilities. You can rent malware, ransomware as a service and spam as a service to distribute fake phishing emails and currently even AI [artificial intelligence]-related services, and deep fake platforms.”

The forums generally exist on the deep web and don’t require a specialist Tor browser to access. But they are strictly members only.

Iran suspected of buying wiper software

Check Point discovered last year that Russian underground forums were offering wiper software, which is designed to destroy computer data irreversibly.

Wiper software is of no interest to cyber criminals who normally inhabit Russia’s hacking forums – strongly suggesting nation-state involvement.

“We saw someone, probably the Iranian government, looking for wiper software,” said Shykevich.

State-sponsored hacking groups are better funded than typical cyber criminal groups, and are not shy of advertising their spending power, said Shykevich.

They typically pay larger deposits to the administrators of cyber crime forums than other members of the hacking community.

“From all…

Source…

Five Government-Provided Botnet and Malware Cleaning Tools

/in


The Indian Computer Emergency Response Team (CERT-In) recently celebrated “Cyber Swachhta Pakhwada” and as a part of this, the government issued an advisory for all users to keep their digital devices bot free.

The government operates ‘Cyber Swachhta Kendra’ (CSK) by CERT-In aims to create a secure cyberspace by “detecting botnet infections in India and to notify, enable cleaning and securing systems of end users so as to prevent further infections.”

What are botsBots are automated rogue software programs designed with malicious intent and are used to undertake harmful actions on the internet, such as data theft, spreading malware and initiating cyberattacks, among others.

“The ‘Cyber Swachhta Kendra’ (Botnet Cleaning and Malware Analysis Centre) is set up in accordance with the objectives of the ‘National Cyber Security Policy’, which envisages creating a secure cyber ecosystem in the country,” the CSK website says.

Apart from working in close coordination and collaboration with internet service providers and antivirus companies, the site also provides tools to users to secure their systems/devices. Here are the five tools that users can download to clean their devices.

Free bot removal tool for AndroideScan Antivirus: The antivirus company eScan Antivirus is providing the Smartphone Safety Toolkit. It can be downloaded from Google Play Store.

C-DAC Hyderabad: C-DAC Hyderabad has developed M-Kavach 2 with the support of MeitY. C-DAC Hyderabad is providing the Android Mobile Security Application. It can be downloaded from Google Play Store.

Expand

Free bot removal tool for Microsoft WindowseScan Antivirus eScanAV: The antivirus company eScan Antivirus is providing the free bot removal Tool.

K7 Security: it is an antivirus software

Quick Heal: This bot removal tool is provided by antivirus company Quick Heal

Source…

6 Best Open Source IAM Tools in 2024

/in


Identity access management (IAM) tools, crucial for cybersecurity, have become highly sought-after due to rising identity-related breaches. A Statista report revealed that 80% of global respondents experienced cyber breaches linked to authentication vulnerabilities in 2023. Additionally, 70% of US-based IAM professionals expressed concerns about identity-based threats.

IAM tools help organizations secure and manage user identities and access to resources, ensuring only authorized individuals gain access. While proprietary IAM solutions like Okta, OneLogin and Cyberark dominate the market, open-source IAMs offer flexibility and low cost. Let’s explore their features, pricing, benefits and limitations.

Best open source IAM tools comparison

The following table provides a snapshot of how these open-source IAMs compare to each other.

Identity lifecycle management Multi-factor Authentication (MFA) Single Sign-on (SSO) and Single Logout (SLO) Pricing
OpenIAM Yes Adaptive MFA Yes Free version or subscription; contact vendor for a quote.
Keycloak Yes Yes Yes Free.
Ory Yes Yes Yes, within certain subscriptions. Free version for EU region; US and EU plans starting at $29/month.
Aerobase Server Yes Yes Yes, for browser applications. Free version or plans starting at $690/month.
ForgeRock Yes Yes Yes, when configured. Starts at $3 per user per month for Workforce plans.
Shibboleth Consortium Yes MFA profile standard for IdPs. Only supported on Shibboleth 3.2 and above. Starts at $2,960/year.



OpenIAM: Best for workforce and customer identity

OpenIAM logo.
Image: OpenIAM

This open-source IAM solution caters to both workforce and customer identities. Suitable for enterprise use, it offers organizations a set of features designed to streamline user access across various platforms. It boasts a robust web access control for identity management, diverse applications, Single Sign-On (SSO), Desktop SSO and API integration controls. It also includes Two-Factor/Multi-Factor Authentication (2FA/MFA) and role-based access control management. In addition to these core features, OpenIAM provides supplementary capabilities like SSH key management, session management and password…

Source…