SORBS Shutdown, Microsoft Recall and TikTok's Zero-day and Apple's Passwords App
Notable security news for the week of June 2nd-8th 2024, SORBS spam blacklist service which was shutdown by the owner Proofpoint, Tiktok's zero-day vulnerability which was used by attackers to compromise high profile user accounts, Microsoft's Recall feature changed from default to opt-in in Windows 11 and Apple's new "Passwords" app.
F5 as a Service – A Suit of Armor and an Immune System in One
Imagine if we could block exploits like Poodle, HeartBleed or ShellShock around the globe for anyone that wanted us to in a matter of hours. That would be a good thing(tm) right? Well that possibility just took a big step towards realization. Hopefully many of the faithful readers of this blog (ok, both of you) have heard about the launch of the Silverline F5-as-a-service platform and in particular our DDoS Protection service which is the first of the f5 cloud powered services to come online. There are plenty of superficially similar services out there, all aiming to do a similar job, intercept the onslaught of traffic to your services, and slice out only the good traffic you want to get to your servers. So why is our service any different - other than the thought of all those red F5 balls glowing brighter as an attack ramps up (I so wish they did that)? I'm not going to go into the technical details of how the service works and why we believe we will produce less false positives, better screening and more intelligence than everyone else, I expect by now there are dozens of blogs, tweets and data sheets. What I find the most compelling is the hybrid on/off premises model and the fact that we will be able to use signaling and telemetry to create a powerful ecosystem of detection, mitigation and inoculation against a wide range of "low and slow" attacks that are sometimes best defended by an intelligent security device placed near the application. So now not only will your DDoS mitigation solution protect you from the avalanche of a volumetric DDoS attack, it's going to give you a local immune system where the antibodies are constantly being updated not just by attacks your infrastructure sees, but from every other subscriber in the community too. Note the careful use of tense here while the Silverline DDoS Protection is ready to go right now, the feedback and inoculation features are things we are still working on, but I'm watching with genuine excitement about what this could mean for the future of attack prevention.
Implementing Multi-Step Authentication with Separate Brute-Force Protections
Hello, Our application has a complex authentication process. When a user enters their email and password, we first verify the email by calling a URL to check if it exists in the database. If the email doesn’t exist, the authentication process stops there, and the password isn’t checked. If the email exists, we proceed to the second step, where the application calls a different URL to verify both the email and password. To manage this flow, I decided to use two separate login pages, each with its own brute-force attack prevention. I’ve successfully implemented the second login page (with two parameters), but I’m currently stuck on the first login page, as it only requires a single parameter. First step : any help would be appreciated Thank you.
