[TheRecord] CISA adds single-factor authentication to its catalog of ‘Bad Practices’

Earlier this year, in June, the US Cybersecurity and Infrastructure Security Agency (CISA) launched a new project called “Bad Practices” that consisted of a catalog of non-recommended cybersecurity practices, techniques, and configurations.

The initial list only included two entries, but in an update today, CISA officials added a new “bad practice” to their list—namely, the use of single-factor authentication for remote or administrative access systems.

“Single-factor authentication is a common low-security method of authentication,” the agency said in a press release today. “It only requires matching one factor—such as a password—to a username to gain access to a system.”

Instead, CISA pointed organizations to its guide on implementing strong authentication [PDF], which recommends multi-factor authentication for accounts of every kind, not only those exposed to the internet.

CISA Bad Practices catalog

Currently, the CISA Bad Practices catalog includes the following entries:

- Use of unsupported (or end-of-life) software.
- Use of known/fixed/default passwords and credentials.
- Use of single-factor authentication for remote or administrative access to systems.

Other bad practices CISA officials are currently considering adding to their catalog include the likes of:

- Using weak cryptographic functions or key sizes.
- Flat network topologies.
- Mingling of IT and OT networks.
- Everyone's an administrator (lack of least privilege).
- Utilization of previously compromised systems without sanitization.
- Transmission of sensitive, unencrypted/unauthenticated traffic over uncontrolled networks.
- Poor physical controls.

Security experts can also recommend other “bad practices” via this GitHub page.

The post CISA adds single-factor authentication to its catalog of ‘Bad Practices’ appeared first on The Record by Recorded Future.


