Multi Factor Authentication

Read all about the best Multi Factor Authentication methods on the Octopusblog. Learn about the difference between authentication factors and there pros and cons.

True Cost of Password Based Authentication

By Amit Rahav|October 3rd, 2019|Categories: Articles|Tags: , , , |

Just because you don’t have to pay anything extra to buy this common form of authentication, it doesn’t mean that passwords are free.  Far from it, quite often passwords end up costing enterprises much more than what they have bargained for. Although the cost of passwords rarely comes up in management meetings, authenticating identity using passwords is a significant expense for [...]

On-Premise Plus Cloud = The Hybrid Approach

By Inbal Voitiz|August 26th, 2019|Categories: Articles|Tags: , , , , |

A quick look at the headlines of tech blogs and publications will give the impression that all companies and organizations are transferring their IT infrastructure and digital assets to public cloud services. The transition to the cloud is happening at a gradually accelerating pace. The future of online businesses, small and large, resides in the cloud. It sounds like a fair [...]

In Passwords We Trust! But Why?

By Amit Rahav|August 15th, 2019|Categories: Articles|Tags: , , , , , |

The most recent security baseline report from Microsoft has been making waves in the world of digital security. Experts at Microsoft asset that password-based authentication represents a basic risk to networks. “There’s no question that the state of password security is problematic and has been for a long time,” reads the post. “When humans pick their own passwords, too often they [...]

Every Password Matters – The PCM Case

By Amit Rahav|July 22nd, 2019|Categories: Articles|Tags: , , , |

Large tech companies like Microsoft and Google go to great lengths to secure their services and protect their customers’ accounts and identities. But what about the security of the partners and third parties that provide services on their behalf? A recent article on famous cybersecurity blog KrebsOnSecurity blog post unveiled a breach at PCM, a major California-based provider of technology products, [...]

GoldBrute – The Enemy of RDP

By Inbal Voitiz|July 2nd, 2019|Categories: Articles|Tags: , , |

Hardly a month goes by without new reports on attacks exploiting vulnerable password-based authentication systems. Earlier this month, analysts at Morhus Labs discovered a malicious bot campaign they named GoldBrute. Mode of Attack GoldBrute is a botnet that aims to hack Remote Desktop Protocols (RDP) that have weak credentials. The bot scans through IPs from a list of 1.5M RDP servers [...]

How Poor Passwords Turned 50,000 Servers Into Cryptocurrency Miners

By Shimrit Tzur-David|June 26th, 2019|Categories: Articles|Tags: , , , |

In May, researchers from security firm Guardicore uncovered a massive campaign by Chinese hackers to break into online Windows servers and to infect them with cryptocurrency miners. Cryptominers are special malware that hijack the resources of the infected machine to solve complicated mathematical equations and collect cryptocurrency rewards. As explained by the security researchers, the hackers used sophisticated techniques along the [...]

How Phishing Can Overcome 2FA

By Amit Rahav|June 17th, 2019|Categories: Articles|Tags: , , |

Phishing is a serious and ever-present threat to businesses and individuals The development of increasingly sophisticated methods coupled with high success rates has caused phishing attacks to double over the past year. While phishing comes in many forms, all phishing methods are in essence an attempt to extract credentials from an unsuspecting user through some form of trickery or outright manipulation. [...]

Shared Account Authentication – Solved!

By Amit Rahav|May 7th, 2019|Categories: Articles|Tags: , , , |

While today’s tech world is fast developing individual accounts rights and privileges, many organizations are using shared credentials to access shared resources. Shared resources can be tied to pretty much any platform or network tool, from email accounts, to servers and databases. An organization may end up using shared accounts for a variety of reasons. Sometimes the particular online tool leaves [...]

How Does Passwordless Authentication Work?

By Shimrit Tzur-David|April 8th, 2019|Categories: Articles|Tags: , , , |

What is Passwordless Authentication? Passwordless authentication is any method of verifying the identity of a user that does not require the user to provide a password. Instead of passwords, proof of identity can be done based on possession of something that uniquely identifies the user (e.g. a one-time password generator, a registered mobile device, or a hardware token), or the user’s [...]

Securing Remote Access – The Guide

By Amit Rahav|January 24th, 2019|Categories: Articles|Tags: , , |

Among the elements of cybersecurity, the human factor in data security continues to be the most difficult to control--and cybercriminals know it. Of all the areas of a network vulnerable to human error, remote access channels are probably most susceptible to attack and a likely route for hackers trying to breach an organization. Common remote access solutions targeted by hackers include [...]

How to Evaluate Push Authentication Solutions

By Shimrit Tzur-David|January 21st, 2019|Categories: Articles|Tags: , , |

It should come as no surprise that the global market for multi-factor authentication (MFA) technology is expected to grow fourfold by 2025. On the one hand, software continues to eat the world and online services are becoming increasingly important in every aspect of daily life, business, health care, politics, military, etc. On the other hand, data breaches are also rising in [...]

Preventing Corporate Account Takeover (CATO)

By Inbal Voitiz|January 14th, 2019|Categories: Articles|Tags: , , |

Businesses of all types and sizes present attractive targets for today’s cybercriminals. This is due to the simple fact that user accounts attached to organizations tend to give access to more assets than private ones. As the sophistication of cyber criminals has increased, the threat of the Corporate Account Takeover (CATO) has grown in tandem. For years, incidents of CATO have, [...]

What will Authentication Look Like in 2019

By Amit Rahav|January 2nd, 2019|Categories: Articles|Tags: , , |

With 2019 starting, it’s a good time to look back at 2018 to remember the lessons learned from security incidents involving user authentication and examine how the landscape will look in the next year.   Poor passwords continue to take their toll Like every year, 2018 taught us that poor passwords haven’t gone away, and they continue to give hackers easy [...]