Where is this coming from?

I met somebody earlier this week who had been in one of my training sessions earlier this year. They had been going on about the changes they had made as result of that training course. The main one he was delighted with was the use of an authenticator app for multi-factor authentication or two factor authentication.

He had put this on, on many of his accounts and he was delighted with it. Because when he had checked his email addresses on www.HaveIBeenPwned.com he found that he had been in a number of data breaches and that his passwords had been exposed in those data breaches. So he made absolutely certain put on multi-factor authentication on those accounts.

That sounds like a good course of action

Then I asked him “and you changed your passwords. Right?”

He said “No. No. I can never remember … I always forget my passwords when I change them. So I use the same password all the time. But now the accounts are fully protected sure with the MFA.”

What is wrong with that?

But I was explaining to him that if he continued to use the same password, that has been included in a data breach, then this is going to be in the public domain and criminals are going to be using that password to try and break into any other accounts that he might have, that he might not have protected with MFA.

So poor passwords and MFA is not a good idea

So really he needed to go and make an investment and get himself a password manager and I reiterated that and I will always keep saying you should use a password manager to generate unique long strong passwords for every single account that you have online. Let the password manager remember them. That’s it’s job.

So that’s it for this week. Lets be careful out there and we’ll talk to you again next week.

The post #WeekendWisdom 090 Poor Passwords and MFA appeared first on L2 Cyber Security Solutions.

Recycling is good for the environment, isn’t it?

Earlier this week I was in doing a quarterly health check for one of my clients and I went up to one of the new members of staff. She was showing me her new phone that she had just gotten with the new number for the business. She had just set up WhatsApp and she was getting these strange messages coming into her and she was wondering how these were happening.

What it looks like is that the phone company they’re signed up with have reused or recycled a previous mobile number that had been assigned to somebody else.

How does WhatsApp Number Recycling occur?

Now if you think about it with WhatsApp when you set up an account all you need to authenticate is your mobile number. So in this case somebody had previously had that mobile number that this new member of staff has got now, people who were sending messages to her old number, to that other person’s number maybe in WhatsApp groups or whatever, they’re now going to this new phone that this member of staff has.

How do you protect against this?

The first thing I told her that she should do to protect her account is to setup the two factor authentication and there is also a recovery email option in there as well. So if you do find you’re getting strange messages on a new account or new number then that’s probably what’s happening.

Is this something new?

This has been going on for quite some time because I actually wrote this back in January 2019 and I have a link to the blog post I wrote about it back then. But this is now happening or seems to be happening here now in Ireland.

So that’s it for this week. Lets be careful out there and we’ll talk to you again next week.

The post #WeekendWisdom 087 WhatsApp Number Recycling appeared first on L2 Cyber Security Solutions.

What is going on right now?

Just earlier this week, US and UK cyber security authorities released an update on what the activity they are seeing online at the moment. And what they’ve seen is nation-state hacking groups or groups that are aligned with nation states appear to be targeting medical research companies, pharmaceutical companies, national health organisations and government departments. They do this to try and get some intelligence or some insider information from those, for their own benefits.

How does Password Spraying work?

What they are doing is they’re researching companies getting lists of names of people who are working there and then generating potential user IDs from those names. And then they’re doing what is called password spraying. This is where they then take those user IDs and put them in combination with some very commonly used passwords like “123456”, “qwerty” or “password1”.

They try to see if they can get a log on into the systems with those user IDs and passwords. So they spray this across as many as they can. And if they were successful in getting in, then they will try and get the information they’re looking for.

How do we protect ourselves from that?

So you can protect yourself by using things like a password manager to make complicated passwords and two factor authentication to prevent people from breaking in with just user IDs and passwords. I covered these off in #WeekendWisdom 016 and #WeekendWisdom 017.

So that’s it for this week. Lets be careful out there and we’ll talk to you again next week.

Follow us on Social media:

Liam is available on Twitter, LinkedIn and Instagram.

Follow L2 Cyber on Twitter, LinkedIn, Instagram and Facebook.

The post #WeekendWisdom 027 Password Spraying appeared first on L2 Cyber Security Solutions.

Before we get into multi-factor, let’s talk about single-factor. What is that?

What is Single-Factor Authentication

When you go to sign into some application or your email or LinkedIn, you type in your user ID and password and you get in. That is a single factor authentication. Your password is the one and only factor that’s used. So if the bad guys get your password by some nefarious means, by looking over your shoulder or compromising your password in some other way, once they have that, they are able to sign in as you.

What is Multi-Factor Authentication

But with multi-factor, you’re adding a second or another factor to authenticate you and prevent the bad guys from getting in. So we’ll cover off three types:

1 – SMS Text Message

The first type is using an SMS text message. So in this situation, you type in your user ID and password and you’ll get the service or application that you’re signing into to send you a text message with a six-digit code that you enter on the website to get in and that’s your second factor or multi-factor.

2 – Code Generator

The second type is using a code generator app on your phone or through a little hardware key that generates a 6 digit code for you and the same thing, user ID, password and then you get the code from your app to sign in.

3 – Security Key

And third, the most secure of all is using a security key. So these are little dongles that you plug into your laptop or into your phone. And when you get to have to authenticate to a service or application, you press the button on the security key and that authenticates you and then you’re in. So that’s multi-factor authentication.

So that’s it for this week. Let’s be careful out there and we’ll talk to you again next week.

www.L2CyberSecurity.com

www.twitter.com/L2Cyber

The post #WeekendWisdom 017 Multi-Factor Authentication appeared first on L2 Cyber Security Solutions.