Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Passkey Security. Show all posts
WhatsApp security features
Biometric Authentication cryptographic keys Cyber Security Passkey Security Passkeys Passkeys authentication WhasApp WhatsApp security features

WhatsApp Announces Passkey Support for its Users


The modern digital landscape is witnessing an upsurge in cybercrime activities, and users can no longer rely on strong passwords to protect themselves. 

Thankfully, even on the best low-cost Android phones, biometric authentication is becoming mainstream and easily accessible. This has led to the adoption of passkeys for user authentication by a number of well-known social networking platforms and password manager apps. WhatsApp is the newest application to offer passkey support for all of its users after a month of beta testing. 

Passkeys replace conventional passwords with a unique cryptographic key pair, such that only the users can log in. Only after a successful biometric authentication, the key is made accessible to the respective users, negating the requirement for two-factor authentication techniques like OTP distribution through SMS and email. Passkeys shield users from the risks associated with password reuse and phishing attacks. Google disclosed the new technology supports more rapid user authentication after revealing support for passkey storage in its password manager.  

WhatsApp’s effort in adopting passkey technology came to light in early August. Also, beta testing on the same commenced in late September. 

Now, around a month later, WhatsApp announced support for passkeys was coming in the stable channel on X (formerly Twitter). The feature makes the login process significantly more secure by taking the place of the one-time password (OTP) sent via SMS. The app enables users to authenticate themselves using screen lock options, including their on-device fingerprint, face unlock, PIN, or swipe pattern. In the meantime, Google Password Manager automatically stores the cryptographic key. 

The login system, with no password requirement, turns out to be quite time-efficient for users when they are setting up WhatsApp on a new phone. Commendable enough, WhatsApp is also explaining to online users how passkeys work, in order to secure their accounts.  

Moreover, it is important for users to see the difference between passkeys for logging into WhatsApp and in-app features like WhatsApp chat lock, which still requires biometric authentication. Importantly, passkeys and passwords for traditional user authentication will both be available on WhatsApp.

However, WhatsApp has not yet clarified whether the feature will be made immediately accessible everywhere. Nonetheless, Passkey support, like every other major WhatsApp feature, is anticipated to be implemented gradually in the stable channel. But it is still great to see WhatsApp reiterate its dedication to user security and privacy with features like this.  

Read more »
Session Hijacking Defense
Authentication Cookies cybersecurity solutions Data Protection Measures Infostealer Malware malware Multi-Factor Authentication (MFA) Passkey Security Prevention Session Hijacking Defense

Overcoming the Escalating Challenge Posed by Session Hijacking

 

Businesses are increasingly adopting security measures, from passkeys to multifactor authentication (MFA), to safeguard sensitive information and bolster their cybersecurity. However, it's crucial for security teams to acknowledge that these measures may not provide comprehensive protection for user data.

As enterprises implement new defenses to secure their networks, cybercriminals are simultaneously evolving their tactics to bypass these barriers. They are employing techniques like session hijacking and account takeover to circumvent passkeys and MFA, gaining unauthorized access to corporate systems. This is exacerbated by the fact that these tactics are largely facilitated by malware, which poses a significant challenge to security efforts.

Malware operates swiftly and discreetly, pilfering substantial amounts of accurate authentication data, including personally identifiable information (PII) such as login credentials, financial details, and authentication cookies. Some malware is even beginning to target local key vaults, like those managed by password managers, many of which have implemented passkey solutions. Last year, there were over 4 billion attempted malware attacks, making it the preferred method for cyberattacks. Moreover, SpyCloud's "2023 Annual Identity Exposure Report" revealed that more than 22 million unique devices fell victim to malware, with the stolen data finding its way to criminal networks for use in various attacks.

While malware-exfiltrated data, encompassing business application logins and cookies for crucial systems, is becoming increasingly valuable to criminals, security teams lack the necessary visibility to effectively counter these exposures. Those who comprehend how malware operates and how cybercriminals employ stolen data are better equipped to confront this threat.

Session hijacking commences when infostealer malware, often distributed through phishing emails or malicious websites, exfiltrates device and identity data. When a user logs into a site or application, a temporary authentication token (cookie) is stored in the browser. 

Criminals can import this along with additional details to replicate the user's device and location, gaining access to an authenticated session. This technique is highly effective, even against robust authentication methods, allowing criminals to bypass authentication entirely. This grants them undetected access to sensitive information, enabling further data theft or privilege escalation for targeted attacks like ransomware.

Criminals recognize the potential of session hijacking and have developed tools like EvilProxy and Emotet to target authentication cookies. In the face of a threat that undermines key defenses, corporations must consider innovative approaches to combat cybercrime.

Overcoming the challenge of session hijacking is formidable but not insurmountable. The primary hurdle in defending against infostealer malware-fueled attacks is the malware's ability to avoid detection. 

Newer forms of malware can swiftly siphon data and self-erase, making it challenging for security teams to even detect an attack. Furthermore, infostealer malware can infect personal and contractor devices beyond the usual scope of the security team's oversight, making it exceedingly difficult to identify all instances of exposure.

Fortunately, both of these concerns can be addressed through heightened threat awareness and visibility. Organizations must educate users on infostealers, how to avoid inadvertently downloading them onto devices accessing the corporate network or critical applications, and how to routinely clear cookies from their browsers.

In cases where malware manages to slip through defenses, understanding precisely what information was stolen is crucial. This allows teams to identify compromised user credentials and authentication cookies that require remediation. Simply wiping the infected device is insufficient, as stolen data can be exploited long after the initial infection is resolved. Organizations must pinpoint compromised data and take proactive steps, such as session invalidation and password resets, to sever potential entry points.

Ultimately, a comprehensive malware remediation process hinges on knowing what data was siphoned by infostealer malware. IT teams should prioritize solutions that offer enhanced visibility to address security gaps caused by malware. Armed with this knowledge, teams can take measures to safeguard all exposed assets, including authentication data, preserving the company's reputation and financial well-being.
Read more »
Subscribe to: Posts (Atom)