Christopher Williams says
Google Cloud to Enforce MFA on Accounts in 2025
Google is stepping up its account security by making multifactor authentication (MFA) mandatory for all Google Cloud users by the end of 2025. Right now, only 70% of users have MFA turned on. The rollout will happen in three stages: starting this month, Phase 1 will focus on helping administrators prepare. In early 2025, Phase 2 will require all new and existing users who use passwords to enable MFA. By the end of 2025, Phase 3 will include users who connect through other identity providers.
This change follows a trend we discussed in our last assignment about stronger security practices. Other companies like AWS, Snowflake, and Microsoft Azure have already started similar steps to enforce MFA. While using MFA can cut the risk of account breaches by up to 99%, experts warn that it’s not perfect. Attackers are finding ways to bypass older MFA methods, so the focus is shifting toward adopting phishing-resistant MFA for better protection.
https://www.darkreading.com/identity-access-management-security/google-cloud-enforce-mfa-2025
Tache Johnson says
Socure’s “The State of Digital Identity in 2024” highlights the increased complexity of digital identity management, particularly for state agencies. Fraud is an important concern, with state institutions unable to safeguard identities and provide a smooth user experience. Old verification methodologies, legal limits, and sophisticated technology integration are important issues, according to the research. Layering authentication methods with AI and machine learning improves accuracy and reduces fraud.
Identity management, privacy, and digital identity security were covered this week. The article emphasizes the necessity for strong identity management systems to prevent identity fraud, reflecting this week’s readings on safe identity verification. It shows how developing technology like AI might solve identification issues, making it important to digital security conversations.
https://www.socure.com/news-and-press/socure-unveils-the-state-of-digital-identity-in-2024-report
Dawn Foreman says
https://www.thinkadvisor.com/2024/10/07/wells-fargo-customer-sues-over-data-breach/
Wells Fargo Client Sues Over Data Breach
On September 19, 2024, Wells Fargo announced a data breach that involved a former employee accessing highly sensitive data from May 2022 to March 2023. Wells Fargo began this investigation in July 2024, and it appears that many details have yet to be divulged. The company is facing a class action lawsuit for negligence by failing to adequately safeguard customers' information.
Aisha Ings says
IAM: Enterprises face a long, hard road to improve
The article “Poor Identity and Access Management Puts Enterprise Data at Risk” by Stephen Pritchard explains how challenging it is for companies to get identity and access management (IAM) right. Organizations need to secure their systems and manage who gets access without making it difficult for employees, customers, or suppliers to do their work. If there are too many layers of security, it creates “friction,” which can slow people down and lead them to find workarounds, making things even less secure.
A lot of companies start out with weak identity management strategies, like poor user verification or outdated identity data, which leaves them vulnerable. Even with tech like multifactor authentication (MFA) and biometrics, attackers still use stolen credentials to break in. Some examples of this include breaches at Ticketmaster and Santander, where issues like unsecured cloud accounts led to major problems.
Experts are saying that businesses need to shift to an “identity-first” security approach, moving away from the traditional idea of securing a physical perimeter. Concepts like zero trust, which involve constantly verifying every user, device, and app, are becoming essential. But making these big changes takes time and money, so organizations are also trying to strengthen existing security in the meantime.
The article also talks about the future of IAM, like using global identity wallets (GIWs) for faster and more secure identity verification. These wallets could make things more efficient and reduce costs but are expensive to set up. While they might not replace traditional systems, they could be a big part of making security better and more user-friendly in the long run.
https://www.computerweekly.com/feature/IAM-Enterprises-face-a-long-hard-road-to-improve
Neel Patel says
Title: Unified Identity – look for the meaning behind the hype!
“Unified identity” is a hot trend in cybersecurity, but not all platforms deliver the same level of integration. A truly unified identity solution addresses an organization’s specific identity needs, simplifying access and security across all users and systems—essential for complex environments like hospitals or development studios. The push for unification helps companies reduce the chaos of managing many separate tools, improving security, lowering costs, and simplifying operations. However, depending on a single vendor for all identity needs can create a lock-in, so it’s wise to choose a solution that allows flexible integration with existing systems.
Link: https://thehackernews.com/2024/02/unified-identity-look-for-meaning.html
Andrea Baum says
FBI: Spike in Hacked Police Emails, Fake Subpoenas
https://krebsonsecurity.com/2024/11/fbi-spike-in-hacked-police-emails-fake-subpoenas/#more-69445
The FBI has warned about cybercriminals exploiting compromised government and police email accounts to send fake Emergency Data Requests (EDRs), which allow for expedited access to user data from technology companies without a court order. These fake EDRs, facilitated by poor security practices and often sold on dark web forums, bypass standard review processes, increasing the risk of unauthorized data disclosures. Cybercriminals charge for such services and sometimes provide access to hacked email accounts, leaving the burden of forging documents to the buyer. To counteract these threats, companies are implementing systems to verify the legitimacy of law enforcement requests and prevent unauthorized data access.
Vincenzo Macolino says
AI Will Increase the Quantity and Quality of Phishing Scams
This article was focused on the creation of phishing emails from AI and also the number of emails that AI can generate. The article explains that AI is advanced enough to use current topics to create phishing emails. In our reading from this week, one of the topics discussed was attackers using a bank merger to form an extremely realistic phishing email that resulted in about 68% of recipients falling victim. The scary thing with AI is not just how detailed it can make an email, but also how quickly it can do it. AI is able to generate phishing emails faster than a human, and for the most part they seem to be just as detailed, and they use current topics that make them feel accurate and real to the recipient. The article stated that 60% of recipients fell for AI-generated phishing emails. I am very curious to see how cybersecurity teams are going to tackle AI in phishing emails, since it seems that phishing attacks have been pretty successful for a while now.
https://hbr.org/2024/05/ai-will-increase-the-quantity-and-quality-of-phishing-scams
Benjamin Rooks says
FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions
The FBI is reaching out more and more to public companies and individuals in order to get assistance in tracking down and stopping state-sponsored hacking groups. This is notable due to how the infiltrations are taking place. All of the major breaches coming from these state-sponsored groups are zero-day vulnerabilities utilizing sophisticated new malware. This indicates that these groups have experienced developers working within them. Because of this, security professionals are even more reliant on the dual pillars of information sharing within the industry around these vulnerabilities and ensuring that systems are kept up to date on patching.
If the trend of zero-day breaches becoming more and more common continues, industry professionals will need to lean even more on network detection tools to catch bad actors that have already infiltrated. Not only that, but identity management will become even more important as we need additional tools in order to verify that the people inside our networks are actually who they say they are.
https://thehackernews.com/2024/11/fbi-seeks-public-help-to-identify.html
Ericberto Mariscal says
Title: US Teen Pleads Guilty to Credential Stuffing Attack on Fantasy Sports Website
This article involves a teenager named Joseph Garrison from Wisconsin, who pleaded guilty to a credential stuffing attack on a fantasy sports and betting website. He accessed around 60,000 user accounts and stole about $600,000 from 1,600 accounts by adding a new payment method and withdrawing funds. Law enforcement found software and millions of usernames and passwords on his computer, along with evidence of conversations about hacking. Garrison faces up to five years in prison for conspiracy to commit computer intrusion. The targeted website is believed to be DraftKings, which reported a similar attack in November 2022.
Link: https://www.securityweek.com/us-teen-pleads-guilty-to-credential-stuffing-attack-on-fantasy-sports-website/
Nelson Ezeatuegwu says
2023 Top Routinely Exploited Vulnerabilities
The CSA, “2023 Top Routinely Exploited Vulnerabilities,” details the top 15 Common Vulnerabilities and Exposures (CVEs) collected by the authoring agencies in 2023. Eleven of the 15 CVEs were initially exploited as a zero day – a vulnerability in a computer system unknown to its owner, developer, and the general public. In contrast, only two of the top exploited vulnerabilities were zero day in the 2022 report.
In addition to the top 15 exploited CVEs, the CSA shares a comprehensive list of additional routinely exploited vulnerabilities. The authors are releasing the data points, along with previous annual reports, to assist in future trend analysis and retrospection.
https://media.defense.gov/2024/Nov/12/2003581596/-1/-1/0/CSA-2023-TOP-ROUTINELY-EXPLOITED-VULNERABILITIES.PDF
Cyrena Haynes says
Embracing The Future Of Cryptography And Identity Management
The cybersecurity landscape is evolving due to advances in quantum computing, the growth of IoT and OT devices, and new regulations. A couple of the key trends mentioned in this article are post-quantum cryptography and identity management in critical infrastructure. Quantum computing poses a threat to current encryption, prompting a shift toward quantum-resistant cryptography. Experts emphasize the need for preparedness for rapid adaptation to new cryptographic standards. Additionally, with cyberattacks on critical systems rising, robust identity and access management (IAM) and encryption lifecycle management are essential. Proactive investments in crypto-agility, automated processes, and identity-first security are crucial for organizations to thrive and set the standard for cybersecurity resilience in this new era.
Source: https://www.forbes.com/sites/tonybradley/2024/11/08/embracing-the-future-of-cryptography-and-identity-management/
Gbolahan Afolabi says
Enhancing Healthcare Security: The Imperative Shift to Passwordless IAM with Passkeys
This article aims to educate the general public on the use of passkeys over passwords, specifically in the healthcare industry. It made its greatest points on the weaknesses of passwords, which are often reused and are the subject of phishing attacks. It references a statistic that 80% of account breaches involve compromised passwords. It points out passkeys as a crucial component of a passwordless IAM function. It argues that passkeys offer enhanced security and compliance adaptability since they are resistant to phishing attacks and are more likely to keep patient information secure when used in unison with other passwordless authentication methods such as biometrics and one-time passcodes (OTP).
https://www.accesswire.com/935950/enhancing-healthcare-security-the-imperative-shift-to-passwordless-iam-with-passkeys
James Nyamokoh says
Title: US government charges hackers behind massive AT&T breach
The US government has formally charged hackers Alexander Connor Moucka and John Binns for a massive data breach impacting AT&T and other major companies. Arrested in Canada and Turkey, respectively, they allegedly stole 50 billion customer records using infostealer malware and accessed over 100 Snowflake corporate accounts, targeting companies like Ticketmaster, Santander Bank, and Advance Auto Parts. Sensitive data, including Social Security numbers, banking details, and call records, was compromised. The indictment implies AT&T, referred to as “Victim-2,” paid a ransom to secure its records, following an extortion scheme netting the hackers millions in bitcoin. The attacks affected 165 companies, with millions of customers’ data exposed.
Source: https://cybernews.com/news/us-government-indictment-hackers-snowflake-breach/