Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Контент предоставлен CISO Tradecraft®. Весь контент подкастов, включая эпизоды, графику и описания подкастов, загружается и предоставляется непосредственно компанией CISO Tradecraft® или ее партнером по платформе подкастов. Если вы считаете, что кто-то использует вашу работу, защищенную авторским правом, без вашего разрешения, вы можете выполнить процедуру, описанную здесь https://ru.player.fm/legal.
Похожие на CISO Tradecraft®
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
How can business help solve society’s biggest challenges? Welcome to Series 3 of Take on Tomorrow, the award-winning podcast from PwC that examines the biggest problems facing society and the role business can—and should—play in solving them. This series, we’re welcoming broadcaster and journalist Femi Oke to the show. She joins podcaster and journalist Lizzie O’Leary, and together with industry innovators, tech trailblazers and visionary leaders from around the globe, they’ll explore timely ...
…
continue reading
Get ready for a weekly dose of all things Enterprise Software and Cloud Computing! Join us as we dive into topics including Kubernetes, DevOps, Serverless, Security and Coding. Plus, we’ll keep you entertained with plenty of off-topic banter and nonsense. Don’t worry if you miss the latest industry conference - we’ve got you covered with recaps of all the latest news from AWS, Microsoft Azure, Google Cloud Platform (GCP) and the Cloud Native Computing Foundation (CNCF).
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
Join host and Harvard Business School Online Creative Director Chris Linnane as he sits down with HBS faculty to discuss business education in a way that’s both entertaining and insightful. The Parlor Room is your key to breaking down academic theory without sacrificing depth—all while gaining practical takeaways for navigating the business world.
…
continue reading
We help founders make something people want.
…
continue reading
Bitcoin pioneer Charlie Shrem peels back the layers on the lives and backgrounds of the world's most impactful innovators. Centering around intimate narratives, Shrem uncovers a detailed, previously unspoken story of the genesis and evolution of bitcoin, cryptocurrency, artificial intelligence, and the web3 movements. Join Shrem as he journeys through the uncharted territories of tech revolutions, revealing the human side of the stories that shaped the digital world we live in today.
…
continue reading
Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
Player FM - приложение для подкастов
Работайте офлайн с приложением Player FM !
Работайте офлайн с приложением Player FM !
))
#169 - MFA Mishaps
Manage episode 401778214 series 2849492
Контент предоставлен CISO Tradecraft®. Весь контент подкастов, включая эпизоды, графику и описания подкастов, загружается и предоставляется непосредственно компанией CISO Tradecraft® или ее партнером по платформе подкастов. Если вы считаете, что кто-то использует вашу работу, защищенную авторским правом, без вашего разрешения, вы можете выполнить процедуру, описанную здесь https://ru.player.fm/legal.
In this episode of CISO Tradecraft, host G Mark Hardy discusses various mishaps that can occur with Multi-Factor Authentication (MFA) and how these can be exploited by attackers. The talk covers several scenarios such as the misuse of test servers, bypassing of MFA via malicious apps and phishing scams, violation of the Illinois Biometric Information Protection Act by using biometric data without proper consent, and potential future legal restrictions on biometric data usage. G Mark also highlights the significance of correct implementation of MFA to ensure optimum organizational security and how companies can fail to achieve this due to overlooking non-technical issues like legal consent for biometric data collection.
Transcripts: https://docs.google.com/document/d/1FPCFlFRV1S_5eaFmjp5ByU-FCAzg_1kO
References:
- Evil Proxy Attack- https://www.resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web
- Microsoft Attack - https://www-bleepingcomputer-com.cdn.ampproject.org/c/s/www.bleepingcomputer.com/news/security/microsoft-reveals-how-hackers-breached-its-exchange-online-accounts/amp/
- Illinois Biometric Law - https://www.ilga.gov/legislation/publicacts/fulltext.asp?Name=095-0994
Chapters
- 00:00 Introduction
- 00:43 Understanding Multi Factor Authentication
- 01:05 Exploring Different Levels of Authentication
- 03:30 The Risks of Multi Factor Authentication
- 03:51 The Importance of Password Management
- 04:27 Exploring the Use of Trusted Platform Module for Authentication
- 06:17 Understanding the Difference Between TPM and HSM
- 09:00 The Challenges of Implementing MFA in Enterprises
- 11:25 Exploring Real-World MFA Mishaps
- 15:30 The Risks of Overprivileged Test Systems
- 17:16 The Importance of Monitoring Non-Production Environments
- 19:02 Understanding Consent Phishing Scams
- 30:37 The Legal Implications of Biometric Data Collection
- 32:24 Conclusion and Final Thoughts
216 эпизодов
Поделиться
Manage episode 401778214 series 2849492
Контент предоставлен CISO Tradecraft®. Весь контент подкастов, включая эпизоды, графику и описания подкастов, загружается и предоставляется непосредственно компанией CISO Tradecraft® или ее партнером по платформе подкастов. Если вы считаете, что кто-то использует вашу работу, защищенную авторским правом, без вашего разрешения, вы можете выполнить процедуру, описанную здесь https://ru.player.fm/legal.
In this episode of CISO Tradecraft, host G Mark Hardy discusses various mishaps that can occur with Multi-Factor Authentication (MFA) and how these can be exploited by attackers. The talk covers several scenarios such as the misuse of test servers, bypassing of MFA via malicious apps and phishing scams, violation of the Illinois Biometric Information Protection Act by using biometric data without proper consent, and potential future legal restrictions on biometric data usage. G Mark also highlights the significance of correct implementation of MFA to ensure optimum organizational security and how companies can fail to achieve this due to overlooking non-technical issues like legal consent for biometric data collection.
Transcripts: https://docs.google.com/document/d/1FPCFlFRV1S_5eaFmjp5ByU-FCAzg_1kO
References:
- Evil Proxy Attack- https://www.resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web
- Microsoft Attack - https://www-bleepingcomputer-com.cdn.ampproject.org/c/s/www.bleepingcomputer.com/news/security/microsoft-reveals-how-hackers-breached-its-exchange-online-accounts/amp/
- Illinois Biometric Law - https://www.ilga.gov/legislation/publicacts/fulltext.asp?Name=095-0994
Chapters
- 00:00 Introduction
- 00:43 Understanding Multi Factor Authentication
- 01:05 Exploring Different Levels of Authentication
- 03:30 The Risks of Multi Factor Authentication
- 03:51 The Importance of Password Management
- 04:27 Exploring the Use of Trusted Platform Module for Authentication
- 06:17 Understanding the Difference Between TPM and HSM
- 09:00 The Challenges of Implementing MFA in Enterprises
- 11:25 Exploring Real-World MFA Mishaps
- 15:30 The Risks of Overprivileged Test Systems
- 17:16 The Importance of Monitoring Non-Production Environments
- 19:02 Understanding Consent Phishing Scams
- 30:37 The Legal Implications of Biometric Data Collection
- 32:24 Conclusion and Final Thoughts
216 эпизодов
Все серии
×
Добро пожаловать в Player FM!
Player FM сканирует Интернет в поисках высококачественных подкастов, чтобы вы могли наслаждаться ими прямо сейчас. Это лучшее приложение для подкастов, которое работает на Android, iPhone и веб-странице. Зарегистрируйтесь, чтобы синхронизировать подписки на разных устройствах.
Похожие на CISO Tradecraft®
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
How can business help solve society’s biggest challenges? Welcome to Series 3 of Take on Tomorrow, the award-winning podcast from PwC that examines the biggest problems facing society and the role business can—and should—play in solving them. This series, we’re welcoming broadcaster and journalist Femi Oke to the show. She joins podcaster and journalist Lizzie O’Leary, and together with industry innovators, tech trailblazers and visionary leaders from around the globe, they’ll explore timely ...
…
continue reading
Get ready for a weekly dose of all things Enterprise Software and Cloud Computing! Join us as we dive into topics including Kubernetes, DevOps, Serverless, Security and Coding. Plus, we’ll keep you entertained with plenty of off-topic banter and nonsense. Don’t worry if you miss the latest industry conference - we’ve got you covered with recaps of all the latest news from AWS, Microsoft Azure, Google Cloud Platform (GCP) and the Cloud Native Computing Foundation (CNCF).
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
Join host and Harvard Business School Online Creative Director Chris Linnane as he sits down with HBS faculty to discuss business education in a way that’s both entertaining and insightful. The Parlor Room is your key to breaking down academic theory without sacrificing depth—all while gaining practical takeaways for navigating the business world.
…
continue reading
We help founders make something people want.
…
continue reading
Bitcoin pioneer Charlie Shrem peels back the layers on the lives and backgrounds of the world's most impactful innovators. Centering around intimate narratives, Shrem uncovers a detailed, previously unspoken story of the genesis and evolution of bitcoin, cryptocurrency, artificial intelligence, and the web3 movements. Join Shrem as he journeys through the uncharted territories of tech revolutions, revealing the human side of the stories that shaped the digital world we live in today.
…
continue reading
Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
Player FM - приложение для подкастов
Работайте офлайн с приложением Player FM !
Работайте офлайн с приложением Player FM !
