According to reports on the latest security incidents at LastPass, Cisco, Uber, and Okta, adversaries exploited two-factor authentication procedures to disable or bypass access control. Techniques such as MFA bombing, phishing, MFA fatigue, and 2FA man-in-the-middle (MiTM) attacks were used to mislead end users, steal plain-text passwords and perform MiTM on two-factor authentication. The user-friendly feature “Allow authentication request” was misused as a tool. In all cases, adversaries were able to bypass two-factor authentication by either disabling it on target accounts, stealing MFA secrets, or adding a new MFA profile.
We recommend using a SecureData SecureUSB® Duo encrypted device in conjunction with Rohos Logon Key for Windows logon two-factor authentication. This gives you an additional layer of security. The SecureUSB Duo hardware-encrypted USB flash drive offers Host/OS Independent user authentication and military-grade security. User authentication can be done with the physical keypad on the USB drive or via your smartphone using the free User app (iOS or Android).
When using the keypad, you can either plug the drive into an open USB port on any type of Windows computer and enter your 7-64-digit PIN (password) to unlock it, or press the key button, enter the PIN, and then plug it into any open USB port. When using the phone to authenticate, you need to download the free app from the App Store for iPhone, or from the Google Play Store for Android devices. To unlock the drive using the app, plug the drive into the host and then open the app on the phone. Using a smartphone for user authentication offers additional security layers that you can set up in the app: you can require 2FA to unlock the drive or use biometrics. We also suggest setting up PIN recovery in case the PIN is ever forgotten.
Rohos Logon Key is the only solution on the market that allows the setup of two-factor authentication redundancy by employing multiple 2FA methods on the organization level or user account level. Read more to find out how to configure and use SecureUSB for Windows logon.
We are glad to announce Rohos Logon Key 5.0 early preview with improvements in the ‘2FA bypass control’ feature and better compliance with Microsoft Defender.
We would like to share some advice regarding two-factor authentication and its use with an admin account when logging into Windows RDP. If it is not currently enabled, we strongly advise setting up the admin account for additional OTP authentication in conjunction with Remote Desktop access and Rohos Logon Key. Let’s review the pros and possible side effects.
Of course, using 2FA for the admin account is highly recommended, and certainly preferable to keeping it 1FA only. As a reminder, the default RDP login based on NLA credentials (user login and password stored in plain form in the .rdp connection file) is quite vulnerable on the client side, since these credentials may be stolen and used by malware operators in an automated way, so an attack can take just 5-10 minutes. Today, the absence of additional authentication factors (2FA/MFA) is considered negligent. Moreover, due to recent developments in exploits and malware for the Windows operating system, desktop sessions created by regular user accounts may also be elevated to admin privileges in the domain or Active Directory (AD) with a high success rate, depending on your defenses (anti-virus type, EDR solutions, etc.). The variety of exploits for horizontal/lateral movement in AD is also huge. And of course, admin accounts are always a special target for cyber-criminals and are traded as a high-price asset on the darknet.
To summarise, you definitely need to start your 2FA cyber-security efforts somewhere, and admin accounts are the right starting point, showing that you have a cyber-security strategy. This is especially true with Rohos, since it is very easy to start with and has a fixed one-time price.
We have updated the Rohos Logon Key setup package for compatibility with Mac OS X 12, Monterey.
Rohos Logon Key for Mac now works on the latest version of Mac OS X 12. We have tested it with a USB flash drive, Yubikey, Bluetooth key, and Rohos Smartphone login methods.
This is an update where we rebuilt all binary components in a safe environment after strengthening our internal software development security. We also checked Rohos Disk with the latest Windows 11 and the new Google Drive “Stream Mode” feature. Both container-file and file encryption are compatible with the Google virtual drive letter. Rohos Disk is a good choice for vendor-independent end-to-end encryption for your Google Drive, OneDrive, or Dropbox files.
What’s new in Rohos Disk v3.2:
Windows 11 Support tested and verified.
Removed legacy authentication modules.
Removed Folder Virtualization feature from Rohos Disk Browser.
Fixed installation of File Shredder tool (Explorer “Send To” command in context menu).
Added Smartphone authentication method that allows using Android/iOS phone as a key for your Encrypted Disk.
This is a short announcement to confirm that the latest versions of all Rohos software products are fully compatible with the latest Windows 11 operating system. We continue to develop the Rohos product line by adding new features according to our plans. We thank all of our users and customers who chose Rohos cyber security solutions for their valuable feedback.
Rohos Software compatible with Windows 11:
Rohos Logon Key, Rohos Logon Key free, Rohos Face Logon
Rohos Disk Encryption, Rohos Mini Drive
October 11th, 2021 in News
We are glad to announce Rohos Logon Key 4.8 with automated control over ‘2FA bypass scenarios’. The new experimental feature sends an immediate push notification to the smartphone when the 2FA procedure is bypassed during login/unlock or on reconnect to console or remote sessions. Well-known system vulnerabilities that allow RDP session hijacking, the never-ending stream of 0-day exploits in the RDP protocol or authentication system, unattended remote tools like TeamViewer, and 2FA credential theft through phishing or social engineering all lead to unpredictable threat models and risks.