[ripe-list] Attack on RIPE NCC Access - Please Enable Two-Factor Authentication
- Previous message (by thread): [ripe-list] Attack on RIPE NCC Access - Please Enable Two-Factor Authentication
- Next message (by thread): [ripe-list] RIPE AA-WG discussion
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Carsten Schiefner
ripe-wgs.cs at schiefner.de
Fri Feb 19 16:41:01 CET 2021
Furthermore, at least the Android version of FreeOTP has not seen any updates since five years - which sort of puzzles me wrt. the "validity of the offer". On 19.02.2021 14:56, Carsten Schiefner wrote: > Ivo & all - > > it appears that on https://access.ripe.net/ the mentioned link for > FreeOTP is somewhat outdated for almost four years now: > > https://fedorahosted.org/freeotp/ redirects to > https://fedoraproject.org/wiki/Infrastructure/Fedorahosted-retirement > > , where it reads under "Summary": > > "fedorahosted.org was retired on March 1st, 2017. [...]" > > Seems that: > > https://freeotp.github.io/ > > is the new entry point now - but I haven't checked it out in detail. > > ATB, > > -C. > > On 18.02.2021 16:43, RIPE NCC Security wrote: >> Dear colleagues, >> >> Last weekend, RIPE NCC Access, our single sign-on (SSO) service was >> affected by what appears to be a deliberate ‘credential-stuffing’ >> attack, which caused some downtime. We mitigated the attack, and we are >> now taking steps to ensure that our services are better protected >> against such threats in the future. >> >> Our preliminary investigations do not indicate that any SSO accounts >> have been compromised. If we do find that an account has been affected >> in the course of our investigations, we will contact the account holder >> individually to inform them. >> >> We would like to ask you to enable two-factor authentication on your >> RIPE NCC Access account if you have not already done so to ensure that >> your account is secure. In general, using two-factor authentication >> across all your accounts can help limit your exposure to such attacks. >> >> We will keep you informed about any relevant developments. If you have >> noticed any suspicious activity in your RIPE NCC Access account, please >> contact us immediately at security at ripe.net. >> >> Best regards, >> >> Ivo Dijkhuis >> Senior Information Security Officer, >> RIPE NCC
- Previous message (by thread): [ripe-list] Attack on RIPE NCC Access - Please Enable Two-Factor Authentication
- Next message (by thread): [ripe-list] RIPE AA-WG discussion
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]