CAPTCHAs Easy for Humans, Hard for Bots

Proton, the company behind the end-to-end encrypted Proton Mail, released Proton CAPTCHA, a layered system to differentiate between humans and bots.

For the past decade and a half, CAPTCHAs and reCAPTCHAs have served as resource gatekeepers to deter bots from creating fake accounts, spamming forms, and executing brute-force attacks to guess usernames and passwords. The idea is to set a task that must be completed before granting access—and make it easy for a human to do but very difficult for a bot.

However, CAPTCHA visual challenges, such as transcribing a set of distorted characters or selecting all images with traffic lights, have become vulnerable to advancing image analysis tools and human solver services while remaining annoying to legitimate users. Organizations concerned about potential privacy issues may not be comfortable with reCAPTCHAs (the “I am not a robot” checkbox) because they rely on behavioral analysis and the server examining user history to winnow out suspicious users. Scammers are including CAPTCHA-solving services in their automated attacks. The increased use of large language models (LLMs) is also worrying: a technical report on GPT-4’s capabilities revealed that the LLM was able to persuade a human TaskRabbit worker to complete a visual CAPTCHA puzzle.

[Image: Proton CAPTCHA offering a choice of two visual puzzles, Align Beams or Complete a Puzzle. Source: Proton]

Proton CAPTCHA consists of three layers: computational proof-of-work tasks, visual challenges, and bot detection that the company says preserves user privacy. The system hands the user’s device a proof-of-work challenge to solve in the background, without involving the user; meanwhile, it runs detection tests that look for bot-like signals. Friendly Captcha and mCAPTCHA also perform those two steps. What Proton CAPTCHA adds is a visual puzzle, akin to the original CAPTCHA. The combination of the three, Proton said, makes automated account creation and abuse more expensive.

A Preview of Windows 11’s Passkeys Support

Back in May 2022, Microsoft promised support for passwordless authentication using passkeys in the Windows operating system by the end of 2023. Windows 11 version 23H2, which Microsoft released to its preview channel on Tuesday, finally delivers on that promise.

This update to Windows 11, set to become generally available by the end of 2023, introduces the ability to create and use passkeys, unlocked with biometrics, a PIN or a third-party password manager, instead of passwords. Passkeys are FIDO Alliance credentials based on the World Wide Web Consortium’s (W3C) WebAuthn standard: each one is a unique public/private key pair, with the private key held on the user’s device.

“Passkeys are the cross-platform future of secure sign-in management,” wrote David Weston, Microsoft’s vice president of enterprise and operating system security. “A passkey creates a unique, unguessable cryptographic credential that is securely stored on your device.”

Hello to Passkeys

Experts view passkeys as the most promising form of authentication currently available for eliminating passwords and protecting accounts from attack. Because a passkey is a cryptographic credential held on a device such as a computer, tablet or smartphone, users don’t have to memorize usernames and passwords for each website or online service. With passkeys, there are no passwords for attackers to steal and no multifactor authentication codes to intercept. Access is granted only by proving possession of the private key, which an attacker cannot guess, and because the credential is bound to the site it was created for, it cannot be used on a look-alike phishing site. Passkeys can also be synced across devices within the same ecosystem (for example, Apple’s iCloud Keychain or Google Password Manager), which simplifies sign-in.

Individuals can create passkeys using Windows Hello, Windows Hello for Business or a smartphone; the passkeys are then stored on that device. To log in to a website or application, the person “unlocks” the passkey with biometrics such as facial recognition or a fingerprint scan, or with a device PIN. A passkey management dashboard will be available in the Settings app, under Accounts > Passkeys.

The FIDO protocols rely on standard public/private key cryptography: when a user registers with a service, a new key pair is generated, Microsoft said. The private key is stored securely on the user’s device, while the public key is registered with the service. During authentication, the service sends a challenge and the user’s device signs it with the private key, proving possession without revealing the key; the private key can be used only after it has been unlocked with biometrics or a PIN.

Microsoft says passkeys on the new Windows 11 update work with popular browsers including its own Edge, Google Chrome and Firefox. This feature will work with other websites and applications which already support the WebAuthn public key authentication standard, including Adobe, Amazon, DocuSign, GitHub, PayPal, Shopify and Uber. 1Password maintains a comprehensive directory of services that support passkeys.

Support Exists in iOS and macOS

Apple was the first to deliver passkey support, in September 2022, with the release of iOS 16 for iPhones and iPads, followed by its Safari browser on macOS. Later in 2022, Google added passkeys to Android and, more recently, to Google Accounts.

Apple expanded passkeys in iOS 17, released on Sept. 18, 2023, adding passkey sign-in for Apple IDs, which eliminates the need to use a password on any site or app that is enabled for passkeys. Further, Apple has added support for Managed Apple IDs, created for organizations using Apple Business Manager or Apple School Manager.

Managed Apple IDs support iCloud Keychain in macOS Sonoma, iOS 17 and iPadOS 17, said Alex Sokolov, who made the announcement at Apple’s Worldwide Developers Conference in June.

“With Managed Apple IDs, your users get all the benefits of using passkeys on all their devices with iCloud Keychain, and you get to manage their accounts,” he explained. “Passkeys stored in iCloud Keychain of Managed Apple IDs cannot be shared.”

Managed Passkeys for IT

Microsoft is also giving IT and security administrators a new policy to prevent password use across the entire Windows experience, including device unlock and in-session authentication prompts. On Microsoft Entra ID (formerly Azure AD)-joined machines, the policy removes the option to access company resources with just a username and password.

Microsoft will also offer a feature, likewise in preview for Windows Insiders, called Config Refresh. It periodically reapplies the settings delivered through the Policy configuration service provider (CSP), so that a setting changed by misconfiguration or tampering is reset to the value the administrator configured; the refresh runs every 90 minutes by default and can be adjusted down to every 30 minutes. “The Policy CSP covers hundreds of settings that were traditionally set with Group Policy and does so through Mobile Device Management, like Microsoft Intune,” Weston added. IT administrators can pause Config Refresh as needed, he noted.

“This is a major win for companies looking to automate best security practices,” says 1Password CPO Steve Won. “With tech giants such as Apple, Google and now Microsoft embracing passwordless authentication, another domino has fallen in the shift toward passkeys becoming the standard.”



Radiant Logic Announces Expanded Identity Analytics and Data Management Platform Capabilities

Novato, California, September 27, 2023 - Radiant Logic, the Identity Data Fabric company, today announces the completed integration of Brainwave GRC following the April 2023 acquisition. These new capabilities solidify Radiant Logic’s entrance into the Identity Analytics market and position our platform in the Identity Governance and Administration market, as seen in the recent Gartner® Market Guide for IGA. With a new website launching today and the release of the full RadiantOne Identity Data Platform, including Identity Analytics, the company celebrates the final integration of Brainwave into Radiant Logic.

Radiant Logic, the longtime leader in Identity Data Management, enters the field of Identity Analytics with capabilities spanning Observability, Governance, and Compliance. With 90% of organizations experiencing at least one identity-related breach in the past year, according to the Identity Defined Security Alliance (IDSA), organizations are realizing the essential role of identity data quality and visibility in cybersecurity and overall IT operational maturity.

Identity data is the lifeblood for all access decisions, and must be made accessible as the authoritative source for all authentication, authorization, and administration engines. In a recent research note, Gartner recommends that organizations: “Accelerate IAM data improvements for their IAM program by increasing the priority of visibility/observability improvements, including applying the visibility, intelligence, action model to program prioritization decisions.”  

The new release from Radiant Logic represents a major step forward in the ability to use identity data management and identity analytics in cybersecurity and governance practices. Access to the right Identity Data, at the right time, is critical for any IAM tool, process, or policy. Visibility into all identity data and infrastructure gives clear insight into who has access to what and uncovers outliers and over-privileged access, which helps identify and close security gaps. It’s a powerful combination for any organization.    

“We’re thrilled to announce the full integration of Radiant Logic and Brainwave GRC as one company, one website, and one platform. The new RadiantOne Identity Data Platform will strengthen operational maturity for customers, improve regulatory compliance and audit responses, and enable data-driven security best practices,” said John Pritchard, Chief Product Officer, Radiant Logic. “We are only seeing the tip of the iceberg regarding the potential for leveraging data science and artificial intelligence in IAM, and we believe that by pairing vast amounts of identity data with analytical inferencing, the possibilities for innovation are endless.”  

With the new capabilities from RadiantOne, identity data can be supplied in a flexible and automated way, allowing organizations to base their security and policy decisions on the most accurate and complete data available. The addition of Identity Analytics brings visibility and intuitive visualization techniques, allowing organizations to use comprehensive identity data to find anomalies, add risk scores, easily respond to audits, and improve their overall security posture. 

Complete documentation is now available on the Radiant Logic developer portal, the support function is integrated via the customer support portal, and the full platform will be available as an integrated SaaS offering in Q4. The integrated platform combining Identity Data Management and Identity Analytics capabilities will accelerate Zero Trust projects, enable digital transformation, and simplify audit and compliance. Visit our new website at www.radiantlogic.com to learn more.  

Gartner Disclaimers:

Gartner, Market Guide for Identity Governance and Administration, 14 July 2023, Rebecca Archambault, et al.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. 

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. 

About Radiant Logic  

Radiant Logic, the identity data experts, helps organizations turn identity data into a strategic asset that drives automated governance, enhanced security, and operational efficiency.    

Our RadiantOne Identity Data Platform removes complexity as a roadblock to identity-first strategies by creating an authoritative data source for real-time, context-aware controls. We provide visibility and actionable insights to intelligently detect and remediate risk using AI/ML-powered identity analytics.  

With RadiantOne, organizations are able to tap into the wealth of information across the infrastructure, combining context and analytics to deploy governance that works for the most advanced use cases.  

It’s a radically simple approach. Learn more at http://www.radiantlogic.com/  



Fortinet Announces Formation of Veterans Program Advisory Council to Narrow the Cybersecurity Skills Gap With Military Veteran Talent


SUNNYVALE, Calif., Sep 27, 2023

John Maddison, EVP of Product Strategy and CMO at Fortinet

“Military veterans can be vital to help fight against cybercrime but often lack access to training and career resources to enable them to successfully transition into civilian cybersecurity roles. As part of Fortinet’s commitment to addressing the cybersecurity skills gap, Fortinet established the Veterans Program Advisory Council with a focus on the Five Eyes countries to help strengthen Fortinet’s support of the military veterans community. With the guidance of the council, we will be able to bring more military veteran community members into the fold and also empower them with resources and opportunities to stay in the industry, improving military veterans retention in cybersecurity.”

News Summary 

Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced it has formed the Veterans Program Advisory Council, made up of a global board of esteemed members from organizations that support the military veterans community across the Five Eyes countries: United States, United Kingdom, New Zealand, Canada, and Australia. Members will provide counsel on how Fortinet can continue meeting the needs of military veterans looking to transition into the cybersecurity field.

Military veterans have many complementary skillsets that make them ideal candidates for cybersecurity roles, including discipline, problem-solving under immense pressure, situational awareness, and an understanding of the importance of maintaining a strong defense posture. With the industry facing a talent shortage of an estimated 3.4 million unfilled security roles worldwide, the veteran community can play a key role in filling critical cyber roles, given access to training, mentorship, and employment opportunities.

Yet, the Fortinet 2023 Cybersecurity Skills Gap Global Research Report found that 43% of organizations indicated difficulty in recruiting qualified veterans for cybersecurity roles. At the same time, veteran turnover is high in the industry, with one key reason being the shortage of staff, leading to overwork and burnout. 

To address these hurdles, the members of the Veterans Program Advisory Council, who bring extensive backgrounds working with the military veteran community and as veterans themselves, will help Fortinet strengthen its Veterans Program offerings by advising on how to continue reskilling and upskilling veterans so they can start, and stay, in cyber career pathways.

Veterans Program Advisory Council members (listed in alphabetical order) include:

  • Chris Barlow, Managing Director at Cerco IT Ltd (U.K.)
  • Marty Donoghue, Chief Executive of the RNZRSA (New Zealand)
  • Colin Grimes, Training Coordinator of TechVets Programme, The Forces Employment Charity (U.K.)
  • Tom Marsland, Board Chairman and CEO at VetSec, Inc. (U.S.)
  • Heath Moodie, Director of Vets in Cyber (Australia)
  • James Murphy, Director of TechVets Programme, The Forces Employment Charity (U.K.)
  • Bryan Radliff, CyberVets Program Manager at Onward to Opportunity, D’Aniello Institute for Veterans and Military Families (U.S.)
  • Patrick Shaw, Founder of Cyber Catalyst (Canada)
  • Mark Wilcox, Head of Cyber Training, Permanent Opportunities and Partnership at Cerco IT Ltd (U.K.)

Fortinet’s Commitment to Supporting Veterans to Close the Cyber Skills Gap

The Veterans Program Advisory Council will help build on the Veterans Program’s success in providing cybersecurity training pathways for military veterans with either an existing technical background or no IT experience. Fortinet gives Veterans Program members access to its Network Security Experts (NSE) Certification Program curriculum to help them transition into the cybersecurity field and advance in their security careers, along with professional development resources and employment opportunities. This year, the Veterans Program is celebrating five years of helping military service members, veterans, and military spouses receive the fundamental resources they need to transition into cyber roles.

Fortinet has also been recognized as a 2023 VETS Indexes Recognized Employer, further underscoring the company’s commitment to supporting the veteran community throughout their careers.

Veterans Program Advisory Council Members Biographies

Chris Barlow, Managing Director at Cerco IT Ltd (UK)

Chris Barlow joined Cerco in 2003, and has since established a recruitment division for graduates through Cerco Training, a large proportion of which were British forces veterans. Chris acquired the entire business in 2017, and the company has continued to grow, prosper, and develop further. The vision for Cerco is to become a market leader in taking novice talent and guiding them to the highest levels of IT support and cybersecurity. Chris has made employment connections for new engineers with global IT companies such as Fujitsu, Hewlett-Packard, and IBM.

Marty Donoghue, Chief Executive of the RNZRSA (New Zealand)

Marty Donoghue has been chief executive of the RNZRSA since October 2020. Marty has a 35-year track record of transformational leadership, successfully building and managing teams and mobilizing volunteers in New Zealand and internationally across defense, sport, science, and in the not-for-profit sector. Marty served in the New Zealand Army for 25 years and is a veteran of Bosnia, Angola, Bougainville, and Iraq. 

Colin Grimes, Training Coordinator of TechVets Programme, The Forces Employment Charity (UK)

Colin Grimes joined TechVets from the education sphere, where he worked as a primary school teacher with particular responsibility for computing across the curriculum. During his time in education, he also worked as a consultant to schools for the National Centre of Computing Education, delivering training to schools in computing and remote learning, leaning on lessons learned during the COVID-19 pandemic. Before this, he enjoyed a 24-year career as an air battle management specialist in the Royal Air Force. He also served as an instructor within the U.K. School of Air Battle Management, where he was responsible for training the next generation of air surveillance specialists.

Tom Marsland, Board Chairman and CEO at VetSec, Inc (US)

Tom Marsland is a cybersecurity professional with over 21 years of experience in the information technology and nuclear power industry. He has also served over 21 years in the U.S. Navy and has a BS in IT security and an MS in cybersecurity. He is the board chairman of VetSec and the VP of technology and technical services at Cloud Range. 

Heath Moodie, Director of Vets in Cyber (Australia)

Heath is the director of Vets in Cyber, where he is helping to build a mentoring program, running community events, and partnering with industry-leading training providers to offer employment assistance to veterans. As a five-year Australian Army infantry veteran, Heath transitioned into cybersecurity and was immediately confronted with the different cultures between the military community and civilian life. Wanting to be the change that he needed, Heath created a grassroots organization, Vets in Cyber, which is focused on helping to build a community around veterans to offer them the support they need within the cybersecurity industry.

James Murphy, Director of TechVets Programme, The Forces Employment Charity (UK)

James Murphy joined TechVets from Government Digital Services in the Cabinet Office, where he was employed as the head of threat intelligence, providing strategic cyber threat intelligence advice to key decision makers within central government with specific focus on protecting national infrastructure. Prior to this, James served for 19 years in the British military, deploying to Northern Ireland, East Africa, and Afghanistan with the infantry, receiving lifelong injuries as a result of enemy action. James then served the remainder of his service in intelligence, developing the army’s exploitation capability, providing support to U.K. Defence Engagement in East Asia before delivering strategic support to global joint military operations.

Bryan Radliff, CyberVets Program Manager at Onward to Opportunity (O2O) (US)

Bryan Radliff serves as the CyberVets program manager in the Onward to Opportunity Program for the D’Aniello Institute for Veterans and Military Families (IVMF) at Syracuse University. CyberVets is a skills-to-job pathway that aims to fast-track veterans into high-demand cyber careers by providing no-cost employment training, industry certifications, and career services to transitioning service members, veterans, and military spouses. Bryan is a 31-year veteran of the U.S. Army, serving as an enlisted medical supply specialist, infantryman, and an armor/cavalry officer before retiring as a lieutenant colonel. 

Patrick Shaw, Founder of Cyber Catalyst and Tech Vets (Canada)

Founder of Cyber Catalyst and co-founder of Coding For Veterans (CFV), Pat initiated Cyber Catalyst Talent Solutions to assist veterans achieve meaningful and rewarding careers using the skills developed through their upskilling or reskilling studies. Pat curated the CFV secure software development and the cybersecurity curriculum and established the learning approach aligning widely recognized industry certification exams to meet the cyber talent needs of employers. Cyber Catalyst Talent Solutions offers job-focused microcredentialing and certifications in support of job placement. Tech Vets Canada engages veterans and military family members with career mentorship and learning support.

Mark Wilcox, Cyber Training, Opportunities and Partnership at Cerco IT Ltd (UK)

Mark has over 30 years of commercial software development experience, the majority of which has involved web technologies. Throughout his career, Mark has developed and supported complex systems for a range of clients, including the London Stock Exchange, Lloyds Bank, Ryman stationers, Debenhams, and Woolworths. In January 2022, Mark joined Cerco IT to head up the cybersecurity training and employment division. As a key architect of Cerco’s Cradle to Cyber training program, an initiative to provide advanced network security skills to Cerco’s trained graduates (many of whom are ex-armed forces), Mark continues to forge relationships with internationally renowned tech and training partners, such as Fortinet and CompTIA.

About Fortinet

Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere you need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet’s solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. FortiGuard Labs, Fortinet’s elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at https://www.fortinet.com, the Fortinet Blog, and FortiGuard Labs.



Netscout Identified Nearly 7.9M DDOS Attacks in the First Half of 2023


WESTFORD, Mass., September 26, 2023 - NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) today announced findings from its 1H2023 DDoS Threat Intelligence Report. Cybercriminals launched approximately 7.9 million Distributed Denial of Service (DDoS) attacks in the first half of 2023, a 31% year-over-year increase.

Global events like the Russia-Ukraine war and NATO bids have driven recent DDoS attack growth. Finland was targeted by pro-Russian hacktivists in 2022 during its bid to join NATO. Turkey and Hungary were targeted with DDoS attacks for opposing Finland’s bid. In 2023, Sweden experienced a similar onslaught around its NATO bid, culminating with a 500 Gbps DDoS attack in May. Overall, ideologically motivated DDoS attacks have targeted the United States, Ukraine, Finland, Sweden, Russia, and multiple other countries.

During 2H2022, NETSCOUT documented a trend of DDoS attacks against wireless telecommunications providers, which saw a 79% increase globally. That trend continued among APAC wireless providers in 1H2023 with a 294% increase, which NETSCOUT correlates with many broadband gaming users shifting their activity to 5G fixed wireless access as providers roll out their networks.

NETSCOUT’s insights into the threat landscape come from its ATLAS sensor network built over decades of working with hundreds of Internet Service Providers globally, gleaning trends from an average of 424 Tbps of internet peering traffic, an increase of 5.7% over 2022. The company has observed nearly 500% growth in HTTP/S application layer attacks since 2019 and 17% growth in DNS reflection/amplification volumes during the first half of 2023.

“While world events and 5G network expansion have driven an increase in DDoS attacks, adversaries continue to evolve their approach to be more dynamic by taking advantage of bespoke infrastructure such as bulletproof hosts or proxy networks to launch attacks,” stated Richard Hummel, senior threat intelligence lead, NETSCOUT. “The lifecycle of DDoS attack vectors reveals the persistence of adversaries to find and weaponize new methods of attack, while DNS water torture and carpet-bombing attacks have become more prevalent.”

Other key findings from the NETSCOUT 1H2023 DDoS Threat Intelligence Report include:

  • Carpet-Bombing Attacks Rise. Carpet-bombing attacks have resurged since the beginning of the year, rising 55% to more than 724 per day, which NETSCOUT believes is a conservative estimate. These attacks spread traffic across hundreds or even thousands of hosts simultaneously, thinly enough that no single target crosses the bandwidth threshold that would trigger an alert and timely DDoS mitigation.
  • DNS Water-Torture Attacks Become Commonplace. The number of daily DNS water-torture attacks rose nearly 353% since the beginning of the year. The top five industries targeted were wired telecom, wireless telecom, data processing and hosting, electronic shopping and mail-order companies, and insurance agencies and brokerages.
  • Higher Education and Governments Disproportionately Attacked. Adversaries create their own or use different types of abusable infrastructure as platforms to launch attacks. For example, open proxies were consistently leveraged in HTTP/S application-layer DDoS attacks against targets in the higher education and national government sectors. Meanwhile, DDoS botnets featured frequently in attacks against state and local governments.
  • DDoS Sources Are Persistent. A relatively small number of nodes are involved in a disproportionate number of DDoS attacks, with an average IP address churn rate of only 10%, as attackers tend to re-use abusable infrastructures. While these nodes are persistent, the impact fluctuates as adversaries rotate through different lists of abusable infrastructure every few days.

Visit our interactive website for more information on NETSCOUT’s semi-annual DDoS Threat Intelligence Report. For real-time DDoS attack stats, map, and insights, visit NETSCOUT Cyber Threat Horizon. You can also find us on Facebook, LinkedIn, and Twitter.

About NETSCOUT

NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) protects the connected world from cyberattacks and performance and availability disruptions through the company’s unique visibility platform and solutions powered by its pioneering deep packet inspection at scale technology. NETSCOUT serves the world’s largest enterprises, service providers, and public sector organizations. Learn more at www.netscout.com or follow @NETSCOUT on LinkedIn, Twitter, or Facebook.

©2023 NETSCOUT SYSTEMS, INC. All rights reserved. NETSCOUT, the NETSCOUT logo, Guardians of the Connected World, Visibility Without Borders, Adaptive Service Intelligence, Arbor, ATLAS, Cyber Threat Horizon, InfiniStream, nGenius, nGeniusONE, Omnis, and TrueCall are registered trademarks or trademarks of NETSCOUT SYSTEMS, INC., and/or its subsidiaries and/or affiliates in the USA and/or other countries. Third-party trademarks mentioned are the property of their respective owners.




