In the future, we plan to add more rules and response actions that allow mitigating authentication vulnerabilities of Windows system, Rohos or human factor. The experimental approach works well for standalone Terminal Servers, AD farms, cloud servers in AWS or Azure, workstations or personal laptops as well. This allows defining response and mitigation in case of unknown vulnerabilities of the authentication procedure. Currently, Rohos Logon Key app uses three simple rules to trigger push notifications and lock the session in case of Two-Factor Authentication bypass. Rohos Logon commits experimental innovation to address these issues. Because of well-known system vulnerabilities that allow RDP session hijacking, never-ending stories with 0-day exploits in RDP protocol or authentication system, unattended remote tools like TeamViewer or 2FA credentials theft during fishing and social engineering – all these lead to unpredictable threat models and risks. New experimental feature allows to get an immediate push notification on the smartphone when Two-Factor Authentication procedure was avoided during login/unlock or reconnecting to console or remote sessions. We are glad to announce Rohos Logon Key 4.8 with automated control over ‘Two-Factor Authentication bypass scenarios’.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |