#BruteForceProtection

Microsoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without Alerts

by

December 11, 2024 at 09:42AM A critical vulnerability in Microsoft’s multi-factor authentication (MFA) was identified, allowing attackers to bypass security easily without user notice. Labeled AuthQuake, the flaw stemmed from inadequate rate limits and extended code validity. Microsoft addressed the issue in October 2024, tightening security measures to enhance MFA effectiveness. **Meeting Takeaways: Dec 11, … Read more

New Cisco ASA and FTD features block VPN brute-force password attacks

by

October 26, 2024 at 01:44PM Cisco has implemented new security features for ASA and Firepower Threat Defense to combat brute-force and password spray attacks, enhancing network protection and resource efficiency. The update allows admins to configure settings to block repeated failed login attempts and other malicious connection attempts, significantly reducing successful attack rates. ### Meeting … Read more