Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack threatpost.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from threatpost.com Daily Mail and Mail on Sunday newspapers.
Evertiq - Component shortage - an evaluation of the situation evertiq.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from evertiq.com Daily Mail and Mail on Sunday newspapers.
minute read
Share this article:
RIPE NCC, the regional Internet registry for Europe, West Asia, and the former Soviet Union, said attackers attempted a credential-stuffing attack against its single-sign on service.
Regional internet registry RIPE NCC is warning of a credential-stuffing attack against its single sign-on service, RIPE NCC Access, and is encouraging users to implement two-factor authentication (2FA).
Click to Register
Located in Amsterdam, the Réseaux IP Européens Network Coordination Centre (RIPE NCC) is the regional internet registry for Europe, Western Asia and the former Soviet Union. RIPE NCC said that the attack, which occurred last weekend, caused “some downtime.” However, it said that preliminary investigations do not yet reveal that any single sign-on (SSO) accounts have been compromised.
Ransomware attackers recently infiltrated an unnamed company in part by compromising the admin account of a deceased employee who had passed away three months earlier. (Photo by Chris Hondros/Getty Images)
A recent ransomware attack highlight the dangers of extraneous accounts sitting on your network â particularly those belonging to former employees.
Standard cyber hygiene calls for the purging of employeesâ credentials accounts from a corporate network once they quit or are fired from their position. And on those occasions in which an employee dies, that same practice should apply. But according to a blog post this week from Sophos, attackers from the Nefilim ransomware gang recently infiltrated an unnamed company in part by compromising the admin account of a deceased employee who had passed away three months earlier.