fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Microsoft will Disable Exchange Online Basic Auth Next Month

Microsoft will Disable Exchange Online Basic Auth Next Month

Microsoft warned customers today that it will finally disable basic authentication in random tenants worldwide to improve Exchange Online security starting October 1, 2022.

Today’s announcement follows multiple reminders and warnings the company has issued over the last three years, the first published in September 2019.

The company again asked customers to toggle off basic auth in September 2021 and May 2022 after seeing that many of them were yet to move their clients and apps to Modern Authentication.

“Since our first announcement nearly three years ago, we’ve seen millions of users move away from basic auth, and we’ve disabled it in millions of tenants to proactively protect them. We’re not done yet though, and unfortunately usage isn’t yet at zero. Despite that, we will start to turn off basic auth for several protocols for tenants not previously disabled,” the Exchange Team said today.

Also Read: The Financial Cost of Ransomware Attack

“Starting October 1st, we will start to randomly select tenants and disable basic authentication access for MAPI, RPC, Offline Address Book (OAB), Exchange Web Services (EWS), POP, IMAP, Exchange ActiveSync (EAS), and Remote PowerShell.”

Redmond says a message announcing this move will be posted to the Windows Message Center seven days before the rollout begins. Each tenant will be notified via the Service Health Dashboard notifications when basic auth is disabled.

On tenants where this authentication scheme will be disabled, customers will still be able to re-enable it once per protocol using the self-service diagnostic until the end of December 2022. However, the protocols “will be disabled for basic auth use permanently” during the first week of January 2023, with no way of using basic auth again.

Until now, Microsoft says it has already disabled basic auth in millions of tenants that weren’t using it and is also toggling off unused protocols within tenants still using it to protect them from attacks exploiting this insecure auth scheme.

Disabling Basic Auth manually
Disabling basic auth manually via Microsoft 365 admin center (Microsoft)

“This effort has taken three years from initial communication until now, and even that has not been enough time to ensure that all customers know about this change and take all necessary steps. IT and change can be hard, and the pandemic changed priorities for many of us, but everyone wants the same thing: better security for their users and data,” Microsoft added.

Also Read: Lessons from PDPC Incident and Undertaking: August 2021 Cases

Why is Microsoft disabling basic authentication?

Basic authentication (aka legacy authentication or proxy authentication) is an HTTP-based auth scheme applications use for sending credentials in plain text to servers, endpoints, or various online services.

Unfortunately, this allows threat actors to steal credentials in man-in-the-middle attacks over TLS or guess them in password spray attacks. They can steal clear text credentials from apps using basic auth via several tactics, including social engineering and info-stealing malware.

Modern Authentication (an umbrella term for multiple authentication and authorization methods) uses OAuth access tokens that can’t be re-used to authenticate on other resources besides the ones they were issued for.

To make things even worse, basic auth makes it quite complicated to enable multi-factor authentication (MFA), which means that it will often not be used at all. Toggling on Modern Auth makes enabling MFA much less complicated, thus allowing for better Exchange Online security.

While there are many reasons behind switching to Modern Auth in Exchange Online, a Guardicore report added another to the list in September 2021.

It further highlighted the importance of this move, showing how hundreds of thousands of Windows domain credentials were leaked in plain text to external domains by misconfigured email clients using basic auth.

“Our own research found that more than 99 percent of password spray attacks leverage the presence of Basic Authentication,” Microsoft 365 General Manager Seth Patton added.

“The same study found that over 97 percent of credential stuffing attacks also use legacy authentication. Customers that have disabled Basic Authentication have experienced 67 percent fewer compromises than those who still use it.”

You can find more info on preparing for October’s forced basic authentication deprecation and the best way to disable basic auth beforehand in the blog post The Exchange Team published today.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us