WiSoFakultät_UniKölnDec 1

Hey WiSo students 💚,

From 4️⃣ December, MFA with Cisco Duo is required for KLIPS 2.0 — without it, no login ❌.

✅ Already using Duo for VPN? You're all set.
💻 Not yet? Register once on campus (Wi-Fi/LAN required).
📱 Use the Duo Mobile App or borrow a free hardware token.

ℹ️ Setup info 👉 https://uni.koeln/4Y5J5 (ITCC)

#WiSo #UniversityofCologne #KLIPS #CiscoDuo #MFA #Security

smegApr 16, 2024
Cisco Duo's Multifactor Authentication Service Breached
https://www.darkreading.com/cyberattacks-data-breaches/cisco-duo-multifactor-authentication-service-breached #infosec #mfa #breach #duo #cisco #ciscoduo
Cisco Duo's Multifactor Authentication Service Breached

A third-party telephony service provider for Cisco Duo falls prey to social engineering, and the company advises customer vigilance against subsequent phishing attacks.

CybernewsApr 16, 2024

Third-party breach hits MFA authenticator Cisco Duo⤵️
#CiscoDuo #databreach #datasecurity #cybersecurity #infosec

https://cybernews.com/news/cisco-duo-third-party-breach/?utm_source=mastodon&utm_medium=social&utm_campaign=cybernews&utm_content=post

Mustafa Kaan DemirhanApr 10, 2023
⚠️ Cisco Security Alert: Vulnerability in Cisco Duo Authentication for macOS & Windows Logon and RDP's offline access mode. Attackers could gain unauthorized access. Updates available. Details: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-replay-knuNKd #infosec #cybersecurity #CiscoDuo
Cisco Security Advisory: Cisco Duo Authentication for macOS and Duo Authentication for Windows Logon Offline Credentials Replay Vulnerability

A vulnerability in the offline access mode of Cisco Duo Two-Factor Authentication for macOS and Duo Authentication for Windows Logon and RDP could allow an unauthenticated, physical attacker to replay valid user session credentials and gain unauthorized access to an affected macOS or Windows device. This vulnerability exists because session credentials do not properly expire. An attacker could exploit this vulnerability by replaying previously used multifactor authentication (MFA) codes to bypass MFA protection. A successful exploit could allow the attacker to gain unauthorized access to the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-replay-knuNKd

Cisco