Strong Passwords, Strong Security: Your First Defense

The secret to protecting your online and digital life is a strong password. Strong passwords are your first line of defense, and one of the most important parts of daily cybersecurity is understanding how to generate and save them.

Keep your passwords as secure as you would your house keys. Naturally, many of us find it difficult to keep track of our password collection, that is, unless you start using a password manager. Luckily, the team at Southworth are here to assist!

Passwords are still your first line of security against hackers and data breaches, even if creating, storing, and remembering them might feel burdensome. Thankfully, creating strong passwords is now simpler than ever thanks to free, safe, and intuitive password managers. You can take a few easy actions today to secure your online presence.

 

The power of long, unique, and complex passwords

It is not safe to use simple passwords like 12345 or common identifying information like pet names and birthdays to secure sensitive accounts. Leaving the key in the lock while locking the door is analogous to using a password that is simple to figure out. A strong password follows ALL THREE of these guidelines:

1. Strong passwords are long passwords.

Passwords should be at least 16 characters long because length is a key factor in keeping accounts secure. Shorter passwords are much easier for attackers to guess or crack using automated tools, putting your personal and work data at risk. Even if a password seems “clever” or uses uncommon words, anything under 16 characters can often be broken quickly, leaving you vulnerable to unauthorized access. A longer password gives a stronger foundation for security, making it significantly harder for hackers to succeed.

2. Protect each account with its own password.

Reusing passwords is something almost everyone has done at some point, so don’t feel bad if it is a habit, but it is one that can put you at risk. Attackers often use stolen credentials from one site to try and access others, a tactic known as credential stuffing. When you use the same password across multiple accounts, a single breach can give attackers access to everything, from email and social media to banking. By making sure each account has its own unique password, you significantly reduce the chances of one compromised login leading to a wider security issue.

3. Complexity keeps you safer.

The best passwords combine uppercase and lowercase letters, numbers, and special characters like @, !, $, or #. Avoid using identifiable words, names, or dates, because these are easy for attackers to guess. The most secure passwords are made up of random characters that don’t form recognizable patterns, making it far more difficult for hackers to crack them. By focusing on complexity as well as length, you create a password that truly protects your accounts.
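The three guidelines above can be checked and met programmatically. The Python sketch below is an added example, not part of the original article: it generates a random password from the operating system's secure random source and audits a set of accounts for length, reuse, and missing character classes. The function names and the sample vault are constructed for illustration, and the special-character set is limited to the four characters named above.

```python
import math
import secrets
import string

MIN_LENGTH = 16        # minimum length recommended in guideline 1
SPECIALS = "@!$#"      # the special characters named in guideline 3
CLASSES = [string.ascii_lowercase, string.ascii_uppercase, string.digits, SPECIALS]
ALPHABET = "".join(CLASSES)


def has_all_classes(pw):
    """True if pw contains at least one character from every class."""
    return all(any(c in cls for c in pw) for cls in CLASSES)


def generate_password(length=20):
    """Draw characters from the OS CSPRNG until all four classes are present."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if has_all_classes(candidate):
            return candidate


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Approximate entropy of a random password: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)


def audit(vault):
    """vault maps account -> password; returns account -> list of failed guidelines."""
    owners = {}
    for account, pw in vault.items():
        owners.setdefault(pw, []).append(account)
    report = {}
    for account, pw in vault.items():
        problems = []
        if len(pw) < MIN_LENGTH:
            problems.append("too short")
        if len(owners[pw]) > 1:
            problems.append("reused")
        if not has_all_classes(pw):
            problems.append("missing character class")
        report[account] = problems
    return report


# Constructed sample vault (illustrative values, not real credentials).
SAMPLE = {"email": "Fluffy2015", "bank": "Fluffy2015", "forum": generate_password()}
```

Running `audit(SAMPLE)` flags the pet-name password on both accounts that share it, while the generated password passes all three checks.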

 

MFA enhances your security beyond just using a password.

Multi-factor authentication (MFA) gives all of your accounts an additional degree of protection. When you enable MFA, you use more than just a password to sign in; the extra factor could be a special app, a text message, or a facial scan. We advise enabling MFA on all accounts that allow it.

 

The reasons behind using a password manager

You may be overwhelmed by our recommendations for strong, complicated, and unique passwords if you have never used a password manager. Modern services, however, can greatly ease your burden. As you explore the digital world, your password manager will end up being your go-to tool. You can unlock your account with just one master password if you use a password manager.

The advantages of employing a password manager

  • Convenience: No more struggling to remember dozens of passwords.
  • Increased security: Create and save lengthy, one-of-a-kind, and complicated passwords automatically.
  • Time-saving: For safe and speedy logins, browser extensions and mobile apps automatically fill in login information.
  • Safe vaults: Although keeping all of your passwords in one location may make you nervous, top-notch password managers protect you with encryption and zero-knowledge design. Password managers are safer than notebooks, sticky notes, spreadsheets, reusing passwords, or trying to remember all of your passwords.

 

Password managers are game-changers

The average person oversees more than 160 accounts, according to polls. If you use the same password for multiple accounts, hackers can gain access to all connected accounts in the event that one is compromised. By allowing you to keep distinct passwords for each account without having to deal with remembering them all, password managers remove this risk.

Consider using trusted options like Keeper or Bitwarden, both of which offer secure, user-friendly password management across all your devices. Using a password manager can make your online experience safer and less stressful while also greatly lowering your susceptibility to cyberattacks.


WARNING: Microsoft Exchange Under Attack With ProxyShell Flaws

The U.S. Cybersecurity and Infrastructure Security Agency is warning of active exploitation attempts that leverage the latest line of “ProxyShell” Microsoft Exchange vulnerabilities that were patched earlier this May, including deploying LockFile ransomware on compromised systems.

Tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207, the vulnerabilities enable adversaries to bypass ACL controls and elevate privileges on the Exchange PowerShell backend, effectively permitting the attacker to perform unauthenticated, remote code execution. While the former two were addressed by Microsoft on April 13, a patch for CVE-2021-31207 was shipped as part of the Windows maker’s May Patch Tuesday updates.

“An attacker exploiting these vulnerabilities could execute arbitrary code on a vulnerable machine,” CISA said.

The development comes a little over a week after cybersecurity researchers sounded the alarm on opportunistic scanning and exploitation of unpatched Exchange servers by taking advantage of the ProxyShell attack chain.


Originally demonstrated at the Pwn2Own hacking contest in April this year, ProxyShell is part of a broader trio of exploit chains discovered by DEVCORE security researcher Orange Tsai that includes ProxyLogon and ProxyOracle, the latter of which concerns two remote code execution flaws that could be employed to recover a user’s password in plaintext format.

“They’re backdooring boxes with webshells that drop other webshells and also executables that periodically call out,” researcher Kevin Beaumont noted last week.

Now, according to researchers from Huntress Labs, at least five distinct styles of web shells have been observed as deployed to vulnerable Microsoft Exchange servers, with over 100 incidents reported related to the exploit between August 17 and 18. Web shells grant the attackers remote access to the compromised servers, but it isn’t clear exactly what the goals are or the extent to which all the flaws were used.

More than 140 web shells have been detected across no fewer than 1,900 unpatched Exchange servers to date, Huntress Labs CEO Kyle Hanslovan tweeted, adding “impacted [organizations] thus far include building manufacturing, seafood processors, industrial machinery, auto repair shops, a small residential airport and more.”

Source: https://thehackernews.com/2021/08/microsoft-exchange-under-attack-with.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Cyber+Security+Blog%29

 

More than 6,700 VMware servers exposed online and vulnerable to major new bug

More than 6,700 VMware vCenter servers are currently exposed online and vulnerable to a new attack that can allow hackers to take over unpatched devices and effectively take over companies’ entire networks.


Scans for VMware vCenter devices are currently underway, according to threat intelligence firm Bad Packets.

The scans started earlier today after a Chinese security researcher published proof-of-concept code on their blog for a vulnerability tracked as CVE-2021-21972.

This vulnerability impacts vSphere Client (HTML5), a plugin of VMware vCenter, a type of server usually deployed inside large enterprise networks as a centralized management utility through which IT personnel manage VMware products installed on local workstations.

Last year, security firm Positive Technologies discovered that an attacker could target the HTTPS interface of this vCenter plugin and execute malicious code with elevated privileges on the device without having to authenticate.

Because of the central role of a vCenter server inside corporate networks, the issue was classified as highly critical and privately reported to VMware, which released official patches yesterday, on February 23, 2021.

Due to the large number of companies that run vCenter software on their networks, Positive Technologies initially planned to keep details about this bug secret until system administrators had enough time to test and apply the patch.

However, the proof-of-concept code posted by the Chinese researcher, and others, effectively denied companies any grace period to apply the patch and also started a free-for-all mass-scan for vulnerable vCenter systems left connected online, with hackers hurrying to compromise systems before rival gangs.

Making matters worse, the exploit for this bug is also a one-line cURL request, which makes it easy even for low-skilled threat actors to automate attacks.

According to a Shodan query, more than 6,700 VMware vCenter servers are currently connected to the internet. All these systems are now vulnerable to takeover attacks if administrators failed to apply yesterday’s CVE-2021-21972 patches.

VMware has taken this bug very seriously and has assigned a severity score of 9.8 out of a maximum of 10 and is now urging customers to update their systems as soon as possible.

Due to the critical and central role that VMware vCenter servers play in enterprise networks, a compromise of this device could allow attackers access to any system that’s connected or managed through the central server.

These are the types of devices that threat actors (known as “network access brokers”) like to compromise and then sell on underground cybercrime forums to ransomware gangs, which then encrypt victims’ files and demand huge ransoms. Furthermore, ransomware gangs like Darkside and RansomExx already started going after VMware systems last year, showing just how effective targeting these VM-based enterprise networks can be.

Since a PoC is now out in the open, Positive Technologies has also decided to publish an in-depth technical report on the bug, so network defenders can learn how the exploit works and prepare additional defenses or forensics tools to detect past attacks.

Source: zdnet.com

Fortinet Recognized as Visionary in the 2020 Gartner Magic Quadrant for Wired and Wireless LAN Access Infrastructure

Gartner defines visionary as, “A vendor in the Visionaries Quadrant demonstrates an ability to increase features in its offering to provide a unique and differentiated approach to the market. A Visionary will have innovated in one or more of the key areas of access layer technologies within the enterprise (for example, security, management or operational efficiency). The ability to apply differentiating functionality across the entire access layer will affect its position.”

We believe our Security-Driven Networking approach to wired and wireless networking is engineered for a secure LAN Edge. It reflects a vision that increases features, not licensing, and is secure by design, not by add-on. Further, it is integrated into a platform that addresses digital transformation from LAN Edge to WAN Edge to Cloud Edge, and beyond.

Gartner 2020 Magic Quadrant for Web Application Firewalls

Fortinet a Challenger in the 2020 Gartner Magic Quadrant for Web Application Firewalls.

We believe Fortinet delivers an effective, easy-to-manage, high-performance web application firewall (WAF) that protects web applications and APIs against both known and unknown threats.

Backed by threat intelligence from FortiGuard Labs and enhanced with machine learning, FortiWeb provides the full protection your web-facing applications and APIs need. The combination of high performance and flexible deployment options makes Fortinet an easy choice for security leaders.

Click “Learn more” to see:

  • Gartner’s view of the WAF market
  • A comprehensive survey of enterprise web application firewall vendors
  • Why Fortinet has been recognized as a Challenger

Fortinet is a Leader in the 2020 Gartner Magic Quadrant for Network Firewalls

Recognized in the Gartner Magic Quadrant for Network Firewalls for the 11th time

FortiGate Network Firewalls, also known as Next-Generation Firewalls or NGFWs, enable our Security-Driven Networking approach, which protects any edge at any scale. Using FortiGate Network Firewalls as part of the Fortinet Security Fabric, customers realize the following key benefits:

  • Manage Operational & Security Risks. Keep operations running with full visibility and best-of-breed protection across the entire attack surface.
  • Reduce Cost & Complexity. Achieve best TCO and defense in depth with segmentation and trusted application access.
  • Improve Operational Efficiency. Streamline operations with simplified enterprise-wide workflows using single pane of glass management.

Fortinet Named a Leader in the 2020 Gartner Magic Quadrant for WAN Edge Infrastructure

Fortinet Secure SD-WAN is the heart of true Security-Driven Networking

Placed in the Leaders Quadrant for 2020

Fortinet Secure SD-WAN:

  • Delivers a world-class user experience. Fortinet customers can overcome WAN impairments at all edges using our comprehensive self-healing SD-WAN, achieve high performance thanks to our purpose-built ASIC and architecture, and maximize application performance with AI/ML-powered application learning.
  • Reduces costs and complexity. Fortinet converges networking and security into a unified SD-WAN solution with centralized orchestration, enabling customers to reduce operational complexity, and achieve the most desirable TCO.
  • Provides a path for protecting all edges. Fortinet customers future-proof their investments by extending SD-WAN with cloud-delivered security innovations that provide flexible, secure access for a diverse and distributed workforce—anytime and anywhere. Unified orchestration capabilities further provide end-to-end visibility and control of the network environment.