Interview: Former FBI Analyst on the CJIS MFA Mandate & Duo

Interview: Former FBI Analyst on the CJIS MFA Mandate & Duo

Recently, the FBI updated their CJIS (Criminal Justice Information Security) policy to require MFA for accessing any application housing CJIS data. Thankfully, we have a former FBI analyst on the Cisco Security team who can break it all down for us. Questions: 1. You’re currently the PMM Leader for Government and Public Sector at Cisco. Before joining Cisco, you spent 25 years supporting the United States Intelligence Community for various agencies. What do you see…

Read More

How to Prevent Phishing Attacks with Multi-Factor Authentication

How to Prevent Phishing Attacks with Multi-Factor Authentication

Phishing takes advantage of the weakest link in any organization’s cybersecurity system—-human behavior. Phishing attacks are generally launched via email, although some opening salvos have begun using text messaging or phone calls. In the most common scenario, an email arrives purporting to be from HR or IT, for example. It looks just like any other company email. It advises the viewer to update their personal information or IT profile by clicking on a link or…

Read More

Microsoft Says State-Sponsored Attackers Accessed Senior Leaders' Emails

Microsoft Says State-Sponsored Attackers Accessed Senior Leaders' Emails

Microsoft disclosed on Jan. 19 that a nation-state backed attack occurred beginning in November 2023 in which the Russian state-sponsored threat actor group Midnight Blizzard accessed some Microsoft corporate emails and documents through compromised email accounts. The attackers gained access in November 2023 using a legacy test tenant account. From there, they could use that account’s permissions to access a small number of Microsoft corporate email accounts – some of those accounts were for senior…

Read More

Increasing Adoption of Phishing Kits Puts MFA at Risk

Increasing Adoption of Phishing Kits Puts MFA at Risk

Anti-Phishing, DMARC , Fraud Management & Cybercrime , Incident & Breach Response Kit Enables ‘Man in the Middle’ Browser Session; MFA Makes Attackers Work Harder Prajeet Nair (@prajeetspeaks) • February 5, 2022     Because of increased use of multifactor authentication, attackers are developing phishing kits that steal tokens and bypass this trusted layer of security. See Also: Live Webinar | How to Stop the Four Horsemen of the Data Loss Apocalypse “Threat actors…

Read More
1 2