Your Complete Guide to FIDO, Fast Identity Online

September 11th, 2019|Categories: Articles|Tags: , |

In the past years, advances in technology, a growing number of horrifying data breaches, and increasing awareness on the need to protect online personal and corporate accounts have led to growing efforts in creating multi factor authentication (MFA) technologies. But while the dream to creating authentication mechanisms that don’t rely on just memorizing and typing passwords dates back to many years, [...]

On-Premise Plus Cloud = The Hybrid Approach

August 26th, 2019|Categories: Articles|Tags: , , , , |

A quick look at the headlines of tech blogs and publications will give the impression that all companies and organizations are transferring their IT infrastructure and digital assets to public cloud services. The transition to the cloud is happening at a gradually accelerating pace. The future of online businesses, small and large, resides in the cloud. It sounds like a fair [...]

Air Gap Network Multi Factor Authentication

August 20th, 2019|Categories: Articles|Tags: , , |

Air gaping. It’s the ‘nuclear option’ of network security. By separating a machine from any other computer, managers can all but guarantee that it cannot be penetrated remotely. Air gaping, or network separation as it is often known, is the step taken by the serious neurotics among users or because the regulatory body you report to insist on it, those whom [...]

In Passwords We Trust! But Why?

August 15th, 2019|Categories: Articles|Tags: , , , , , |

The most recent security baseline report from Microsoft has been making waves in the world of digital security. Experts at Microsoft asset that password-based authentication represents a basic risk to networks. “There’s no question that the state of password security is problematic and has been for a long time,” reads the post. “When humans pick their own passwords, too often they [...]

14 British Cybersecurity Influencers That You Need to Follow

August 8th, 2019|Categories: Uncategorized|Tags: , , |

The UK is known for the XFactor and Brexit, but it also boasts incredibly talented, funny, and entertaining cybersecurity experts. Each of the experts listed below excels in their field, and their online content is enlightening and educational — check them out! Dave Whitelegg (@SecurityExpert) Although Whitelegg has been writing about IT and security since 2007, his cybersecurity journey began in [...]

Astaroth – The Great Duke of Hell

July 31st, 2019|Categories: Articles|Tags: , |

On the Octopus Blog, we’ve dedicated ourselves to tracking the evolution of credential-targeting threats endangering networks today. One of the more nefarious pieces of malware to be identified in recent time highlights both the risks posed to systems from Password-based authentication, as well as exemplifying why the industry’s approach to defense is misdirected.   Enter The Great Duke of Hell Recently, [...]

Every Password Matters – The PCM Case

July 22nd, 2019|Categories: Articles|Tags: , , , |

Large tech companies like Microsoft and Google go to great lengths to secure their services and protect their customers’ accounts and identities. But what about the security of the partners and third parties that provide services on their behalf? A recent article on famous cybersecurity blog KrebsOnSecurity blog post unveiled a breach at PCM, a major California-based provider of technology products, [...]

GoldBrute – The Enemy of RDP

July 2nd, 2019|Categories: Articles|Tags: , , |

Hardly a month goes by without new reports on attacks exploiting vulnerable password-based authentication systems. Earlier this month, analysts at Morhus Labs discovered a malicious bot campaign they named GoldBrute. Mode of Attack GoldBrute is a botnet that aims to hack Remote Desktop Protocols (RDP) that have weak credentials. The bot scans through IPs from a list of 1.5M RDP servers [...]

How Poor Passwords Turned 50,000 Servers Into Cryptocurrency Miners

June 26th, 2019|Categories: Articles|Tags: , , , |

In May, researchers from security firm Guardicore uncovered a massive campaign by Chinese hackers to break into online Windows servers and to infect them with cryptocurrency miners. Cryptominers are special malware that hijack the resources of the infected machine to solve complicated mathematical equations and collect cryptocurrency rewards. As explained by the security researchers, the hackers used sophisticated techniques along the [...]