The American healthcare system is one of the most innovative in the world. But it’s also riddled with complex challenges, such as access to affordable medications, inefficiency and administrative burdens, and communication barriers between providers. There’s clearly a better way—and at Surescripts, we have a unique sightline into what that may be. In this series, host Melanie Marcus, Chief Marketing Officer of Surescripts, sits down with today’s most inspiring and innovative leaders in healt ...
…
continue reading
Indhold leveret af CISO Tradecraft®. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af CISO Tradecraft® eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.
Minder om CISO Tradecraft®
Big tech is transforming every aspect of our world. But how? And at what cost? This season of Land of the Giants – The Twitter Fantasy – will tell the story of Twitter (X) at a crucial moment for the platform, exactly one year after Elon Musk took over. Hosted by Vox senior correspondent Peter Kafka, the four-episode season will survey the company's outsize influence on politics and culture. How did Twitter become the Internet’s town square, for better and for worse? And where is it heading, ...
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Get ready for a weekly dose of all things Enterprise Software and Cloud Computing! Join us as we dive into topics including Kubernetes, DevOps, Serverless, Security and Coding. Plus, we’ll keep you entertained with plenty of off-topic banter and nonsense. Don’t worry if you miss the latest industry conference - we’ve got you covered with recaps of all the latest news from AWS, Microsoft Azure, Google Cloud Platform (GCP) and the Cloud Native Computing Foundation (CNCF).
…
continue reading
The Village Global podcast takes you inside the world of venture capital and technology, featuring enlightening interviews with entrepreneurs, investors and tech industry leaders. Learn more at www.villageglobal.vc.
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
Outsource Acelerator Podcast, hosted by Derek Gallimore, explores business and outsourcing mastery. Inside-knowledge from the outsourcing capital of the world - Manila, Philippines.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
The traditional enterprise go-to-market motion is undergoing a transformational shift. B2B buyers are more sophisticated than ever, and operational efficiency is a key focus for every organization. One key function possesses a unique opportunity to shape the future of revenue generation: enablement. On this podcast, we’re bringing you the secrets, strategies, and tactics that successful enablement leaders are using to drive meaningful impact. The Enablement Edge is the go-to resource for sal ...
…
continue reading
Player FM - Podcast-app
Gå offline med appen Player FM !
Gå offline med appen Player FM !
))
#169 - MFA Mishaps
Manage episode 401778214 series 2849492
Indhold leveret af CISO Tradecraft®. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af CISO Tradecraft® eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.
In this episode of CISO Tradecraft, host G Mark Hardy discusses various mishaps that can occur with Multi-Factor Authentication (MFA) and how these can be exploited by attackers. The talk covers several scenarios such as the misuse of test servers, bypassing of MFA via malicious apps and phishing scams, violation of the Illinois Biometric Information Protection Act by using biometric data without proper consent, and potential future legal restrictions on biometric data usage. G Mark also highlights the significance of correct implementation of MFA to ensure optimum organizational security and how companies can fail to achieve this due to overlooking non-technical issues like legal consent for biometric data collection.
Transcripts: https://docs.google.com/document/d/1FPCFlFRV1S_5eaFmjp5ByU-FCAzg_1kO
References:
- Evil Proxy Attack- https://www.resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web
- Microsoft Attack - https://www-bleepingcomputer-com.cdn.ampproject.org/c/s/www.bleepingcomputer.com/news/security/microsoft-reveals-how-hackers-breached-its-exchange-online-accounts/amp/
- Illinois Biometric Law - https://www.ilga.gov/legislation/publicacts/fulltext.asp?Name=095-0994
Chapters
- 00:00 Introduction
- 00:43 Understanding Multi Factor Authentication
- 01:05 Exploring Different Levels of Authentication
- 03:30 The Risks of Multi Factor Authentication
- 03:51 The Importance of Password Management
- 04:27 Exploring the Use of Trusted Platform Module for Authentication
- 06:17 Understanding the Difference Between TPM and HSM
- 09:00 The Challenges of Implementing MFA in Enterprises
- 11:25 Exploring Real-World MFA Mishaps
- 15:30 The Risks of Overprivileged Test Systems
- 17:16 The Importance of Monitoring Non-Production Environments
- 19:02 Understanding Consent Phishing Scams
- 30:37 The Legal Implications of Biometric Data Collection
- 32:24 Conclusion and Final Thoughts
187 episoder
Del
Manage episode 401778214 series 2849492
Indhold leveret af CISO Tradecraft®. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af CISO Tradecraft® eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.
In this episode of CISO Tradecraft, host G Mark Hardy discusses various mishaps that can occur with Multi-Factor Authentication (MFA) and how these can be exploited by attackers. The talk covers several scenarios such as the misuse of test servers, bypassing of MFA via malicious apps and phishing scams, violation of the Illinois Biometric Information Protection Act by using biometric data without proper consent, and potential future legal restrictions on biometric data usage. G Mark also highlights the significance of correct implementation of MFA to ensure optimum organizational security and how companies can fail to achieve this due to overlooking non-technical issues like legal consent for biometric data collection.
Transcripts: https://docs.google.com/document/d/1FPCFlFRV1S_5eaFmjp5ByU-FCAzg_1kO
References:
- Evil Proxy Attack- https://www.resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web
- Microsoft Attack - https://www-bleepingcomputer-com.cdn.ampproject.org/c/s/www.bleepingcomputer.com/news/security/microsoft-reveals-how-hackers-breached-its-exchange-online-accounts/amp/
- Illinois Biometric Law - https://www.ilga.gov/legislation/publicacts/fulltext.asp?Name=095-0994
Chapters
- 00:00 Introduction
- 00:43 Understanding Multi Factor Authentication
- 01:05 Exploring Different Levels of Authentication
- 03:30 The Risks of Multi Factor Authentication
- 03:51 The Importance of Password Management
- 04:27 Exploring the Use of Trusted Platform Module for Authentication
- 06:17 Understanding the Difference Between TPM and HSM
- 09:00 The Challenges of Implementing MFA in Enterprises
- 11:25 Exploring Real-World MFA Mishaps
- 15:30 The Risks of Overprivileged Test Systems
- 17:16 The Importance of Monitoring Non-Production Environments
- 19:02 Understanding Consent Phishing Scams
- 30:37 The Legal Implications of Biometric Data Collection
- 32:24 Conclusion and Final Thoughts
187 episoder
Alle episoder
×
Velkommen til Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Minder om CISO Tradecraft®
The American healthcare system is one of the most innovative in the world. But it’s also riddled with complex challenges, such as access to affordable medications, inefficiency and administrative burdens, and communication barriers between providers. There’s clearly a better way—and at Surescripts, we have a unique sightline into what that may be. In this series, host Melanie Marcus, Chief Marketing Officer of Surescripts, sits down with today’s most inspiring and innovative leaders in healt ...
…
continue reading
Big tech is transforming every aspect of our world. But how? And at what cost? This season of Land of the Giants – The Twitter Fantasy – will tell the story of Twitter (X) at a crucial moment for the platform, exactly one year after Elon Musk took over. Hosted by Vox senior correspondent Peter Kafka, the four-episode season will survey the company's outsize influence on politics and culture. How did Twitter become the Internet’s town square, for better and for worse? And where is it heading, ...
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Get ready for a weekly dose of all things Enterprise Software and Cloud Computing! Join us as we dive into topics including Kubernetes, DevOps, Serverless, Security and Coding. Plus, we’ll keep you entertained with plenty of off-topic banter and nonsense. Don’t worry if you miss the latest industry conference - we’ve got you covered with recaps of all the latest news from AWS, Microsoft Azure, Google Cloud Platform (GCP) and the Cloud Native Computing Foundation (CNCF).
…
continue reading
The Village Global podcast takes you inside the world of venture capital and technology, featuring enlightening interviews with entrepreneurs, investors and tech industry leaders. Learn more at www.villageglobal.vc.
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
Outsource Acelerator Podcast, hosted by Derek Gallimore, explores business and outsourcing mastery. Inside-knowledge from the outsourcing capital of the world - Manila, Philippines.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
The traditional enterprise go-to-market motion is undergoing a transformational shift. B2B buyers are more sophisticated than ever, and operational efficiency is a key focus for every organization. One key function possesses a unique opportunity to shape the future of revenue generation: enablement. On this podcast, we’re bringing you the secrets, strategies, and tactics that successful enablement leaders are using to drive meaningful impact. The Enablement Edge is the go-to resource for sal ...
…
continue reading
Player FM - Podcast-app
Gå offline med appen Player FM !
Gå offline med appen Player FM !
