8 Strategies for Defending Against Help Desk Attacks

COMMENTARY. Defensive security techniques often lag offensive attack tactics, opening companies to heightened risk from rapidly evolving threats.
An alarming case in point is the help desk, one of today's most exposed organizational Achilles' heels.
Attacks on the help desk are an obvious offensive play by cybercriminals: Malicious actors want credentials to penetrate networks and move laterally, and help desks dispense credentials and IT equipment to users experiencing password lockouts, lost devices, and so on.
Compromising the help desk can give attackers access to sensitive information that can fuel additional company breaches.
It stands to reason that the help desk is ripe for attacks.
While many companies rigorously try to secure the network perimeter, end users, emails, and almost every frontier of risk, the help desk often gets lost in the mix.
Many companies have no process for validating the identities of employees who contact the help desk for assistance with accessing their devices and data.
Many help desks are outsourced, and many rarely ask for any validation of the user beyond their name.
Help desk procedures have escaped the security rigor applied to other areas of the threat surface.
It's predictable that help desks have become a focus for threat actors.
Worse, attackers are taking it a step beyond, wielding generative artificial intelligence tools against anticipated advances in defensive tactics.
AI-Based Help Desk Attack Tactics in the Spotlight Help desk social engineering attacks are a common vector for breaches and ransomware attacks that can lead to devastating consequences.
Much of the information needed to wage social engineering attacks is easily available: social media sites like LinkedIn provide a wealth of information about employees, including their names, positions, and office locations.
Lax help-desk validation procedures make it easy for attackers to impersonate employees requesting password resets, for example.
Even though smaller companies and those with onsite help desks may be more likely to recognize employees' voices, deepfakes can trip them up.
How to Protect the Help Desk from Social Engineering It's essential to create robust help-desk procedures to validate an employee's identity before resetting passwords or issuing credentials.
Direct the user to use their last password and then reset to a new password using the prescribed password conventions.
For issues where you cannot send an MFA push, initiate a video call with the user displaying their government-issued ID and their computer and its serial number.
Ensure that sensitive data like passwords, crash dumps, and session tokens are not left in the service desk platform.
A Never-Ending Battle Worth Fighting Help desks are an obvious line of vulnerability from a hacker's point of view.


This Cyber News was published on www.darkreading.com. Publication date: Thu, 21 Dec 2023 18:00:07 +0000


Cyber News related to 8 Strategies for Defending Against Help Desk Attacks

8 Strategies for Defending Against Help Desk Attacks - COMMENTARY. Defensive security techniques often lag offensive attack tactics, opening companies to heightened risk from rapidly evolving threats. An alarming case in point is the help desk, one of today's most exposed organizational Achilles' heels. ...
1 year ago Darkreading.com
Holiday Hackers: How to Safeguard Your Service Desk - Hackers really don't take holidays, but they will take advantage of them. Many of these cyberattacks will zero in on the service or help desk to gain entry into network systems. Recovering accounts because of forgotten passwords is one of the ...
1 year ago Bleepingcomputer.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Securing helpdesks from hackers: What we can learn from the MGM breach - In the wake of the MGM Resorts service desk hack, it's clear that organizations need to rethink their approach to security, particularly when it comes to verifying the identity of employees contacting the helpdesk. In this article, we'll explore how ...
11 months ago Bleepingcomputer.com
What is Word Unscrambler In Gaming? - Are you tired of getting stuck on those tricky word puzzles in your favourite mobile game? Have you ever wished for a tool to help unscramble those seemingly impossible words? Look no further because the word unscrambler is here to save the day! This ...
1 year ago Hackread.com
Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack - The group behind the high-profile MGM cyberattack in September has resurfaced in yet another sophisticated ransomware attack, in which the actor pivoted from a third-party service environment to the target organization's on-premise network in only an ...
1 year ago Darkreading.com
Marketing Strategies for PaaS Services: Get Ahead of the Curve - With the ever-growing demand for cloud-based performance and services, Platform-as-a-Service (PaaS) is becoming increasingly critical for modern software development. PaaS is a cloud-based platform, providing businesses with an integrated suite of ...
1 year ago Hackread.com
The year of Mega Ransomware attacks with unprecedented impact on global organizations - A Staggering 1 in every 10 organizations worldwide hit by attempted Ransomware attacks in 2023, surging 33% from previous year, when 1 in every 13 organisations received ransomware attacks Throughout 2023, organizations around the world have each ...
11 months ago Blog.checkpoint.com
Defending Against AI-Based Cyber Attacks: A Comprehensive Guide - As attackers begin to use AI to automate and improve their tactics, defenders are forced to adapt and develop effective measures to protect their data. Exploit development: AI can automatically generate and tailor exploits to specific ...
1 year ago Securityboulevard.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
2 months ago Aws.amazon.com
Embracing offensive cybersecurity tactics for defense against dynamic threats - In this Help Net Security, Alexander Hagenah, Head of Cyber Controls at SIX, discusses the critical steps in creating effective offensive security operations and their impact on organizational security strategies. The first line of defense is often ...
11 months ago Helpnetsecurity.com
CVE-2023-50839 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: ...
11 months ago
CVE-2022-46839 - Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1. ...
11 months ago
CVE-2022-47151 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: ...
8 months ago
CVE-2023-25444 - Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Using Malicious Files.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.7. ...
7 months ago Tenable.com
CVE-2024-31273 - Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.3. ...
6 months ago
CVE-2024-43274 - Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through ...
1 month ago Tenable.com
CVE-2024-51670 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Stored XSS.This issue affects JS Help Desk – Best Help Desk & Support ...
1 month ago Tenable.com
CVE-2022-46840 - Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a ...
1 week ago Tenable.com
CVE-2022-46838 - Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a ...
1 week ago Tenable.com
Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack - The group behind the high-profile MGM cyberattack in September has resurfaced in yet another sophisticated ransomware attack, in which the actor pivoted from a third-party service environment to the target organization's on-premise network in only an ...
1 year ago Darkreading.com
What Is Cloud Security Management? Types & Strategies - Cloud security management is the process of safeguarding cloud data and operations from attacks and vulnerabilities through a set of cloud strategies, tools, and practices. The cloud security manager and the IT team are generally responsible for ...
6 months ago Esecurityplanet.com
In the Crosshairs: Addressing Emerging Threats Through Adaptive Software Development - To counteract these ever-changing threats, organizations must adopt adaptive responses that can dynamically adjust to new challenges and vulnerabilities. This article zeroes in on the crucial intersection of adaptive software development and ...
9 months ago Cybersecuritynews.com
Vectra AI Launches Global, 24x7 Open MXDR Service Built to Defend Against Hybrid Attacks - PRESS RELEASE. San Jose, Calif. - February 15, 2024 - Vectra AI, Inc., the leader in hybrid attack detection, investigation and response, today announced the launch of Vectra MXDR services, the industry's first global, 24x7 open MXDR service built to ...
10 months ago Darkreading.com
Week in review: 15 million Trello users' scraped data on sale, attackers can steal NTLM hashes - The reality of hacking threats in connected car systemsIn this Help Net Security interview, Ivan Reedman, Director of Secure Engineering at IOActive, discusses how manufacturers, government regulations, and consumers are adapting to these new ...
10 months ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)