In our previous article in this series, we highlighted a very serious threat to networks of all kinds: The hackers presumed to be behind the large-scale breach of SolarWinds’ Orion platform have also been linked to an attack that compromised a multi-factor authentication system. By gaining read access to  the MFA server, it’s possible for a bad actor to generate false cookies and gain authenticated user privileges.

Wenn uns die Pandemie eins gelehrt hat, dann ist es der sorgfältige Umgang mit Hygiene – Händewaschen wird wohl so schnell keiner mehr vergessen. Nach diesem Vorbild sollten sich Unternehmen das Thema Datenschutz zu Herzen nehmen. In diesem Blogpost haben wir erklärt, dass der Datenschutz die gleiche Aufmerksamkeit bekommen sollte, wie der Schutz vor Bakterien und Viren. 

Die im Dezember 2020 entdeckte Sicherheitslücke bei SolarWinds war ein atemberaubender Schachzug in der Cyber-Kriegsführung, der neun Monate lang unentdeckt blieb. Der Angriff ist eine der schwerwiegendsten, jemals verzeichneten Lieferketten-Sicherheitsverletzungen, es sind rund 18.000 staatliche und private Netzwerke betroffen.

With COVID-19 now revving its engine, I suspect that many of you are reading this article from the kitchen table, perhaps still in your pajamas. But even before the present global virus situation, this casual teleworking image was pretty familiar for many job functions. I mean – let’s be honest: Checking email is checking email – regardless of whether this mindless task is done on the corporate LAN or across your home broadband.

Trying to keep the cybersecurity playbook current might seem like mission impossible. New threats, risks and problems appear on a daily basis, while enterprise budgets remain painfully tight and skill shortages rampant.

For years the security and IT worlds have bantered around terms like Single Sign-On (SSO), multi-factor authentication (MFA), adaptive authentication and automatic provisioning. These are all features of a strong Identity and Access Management (IAM) solution. You might have all been told you need to implement these features. 

Over the past year, people around the world have moved online and now conduct most of their daily lives digitally — from classes to grocery shopping; from doctor appointments to holiday celebrations. These digital shifts have required increased trust from all of us. Employees and employers have had to trust each other to work securely and productively from new locations (sometimes during different working hours), consumers have had to trust businesses to keep their personal data safe.

We need to start thinking of sci-fi and fantasy as educational instead of fictional. We have already been using them as inspiration for years. The first flip phones certainly looked a lot like the communicators from classic Star Trek. But are we looking at them to anticipate the nefarious schemes the bad guys might come up with?

Microservices architecture, also known simply as “microservices,” is an approach to building software with modular services that are distinct and independent from each other. In recent years, microservices have become a popular choice for designing and deploying applications. They allow apps to be broken into smaller and loosely coupled pieces (microservices) that are independently tested, maintained, and deployed.

Multi-factor authentication (MFA) has been working its way into consumer life for years. To get to your bank account from a new machine, you often have to provide not only a username and password but a numeric code that you receive via a text message or an email.