[members-discuss] [ncc-announce] Attack on RIPE NCC Access - Please Enable Two-Factor Authentication
- Previous message (by thread): [members-discuss] [ncc-announce] Attack on RIPE NCC Access - Please Enable Two-Factor Authentication
- Next message (by thread): [members-discuss] [ncc-announce] Attack on RIPE NCC Access - Please Enable Two-Factor Authentication
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Elvis Daniel Velea
elvis at v4escrow.net
Fri Feb 19 09:47:56 CET 2021
Hi, +1 to Steffen’s idea. Also, a couple of questions... how can I find out if someone (attempts to) login with my SSO? Can the RIPE NCC provide a page showing a list of last 5-10-100 (un)successful logins? How about e-mail notifications (with the IP address of the attacker) when a failed login attempt is made? Can I get an e-mail notification that someone has logged in, every time a successful login happens? - I’d like these to be opt-in Elvis On Fri, Feb 19, 2021 at 00:40 Steffen Weinreich <steffen.weinreich at mdex.de> wrote: > Hi Ivo, > > Thanks for the heads up. > > It would be usefull if a LIR Admin user in the portal could see if "his" > users have the 2FA enabled. That way I could encourage my colleagues > without 2FA to enable. > > CC: to the members-discuss for feedback on the suggestion. > > mit freundlichen Grüßen > > Steffen Weinreich > > -- > Wireless Logic mdex GmbH > Bäckerbarg 6, 22889 Tangstedt, Germany > <https://www.google.com/maps/search/B%C3%A4ckerbarg+6,+22889+Tangstedt,+Germany?entry=gmail&source=g> > > Am 18.02.21 um 16:49 schrieb Ivo Dijkhuis: > > > Dear colleagues, > > > > Last weekend, RIPE NCC Access, our single sign-on (SSO) service was > > affected by what appears to be a deliberate ‘credential-stuffing’ > > attack, which caused some downtime. We mitigated the attack, and we are > > now taking steps to ensure that our services are better protected > > against such threats in the future. > > > > Our preliminary investigations do not indicate that any SSO accounts > > have been compromised. If we do find that an account has been affected > > in the course of our investigations, we will contact the account holder > > individually to inform them. > > > > We would like to ask you to enable two-factor authentication on your > > RIPE NCC Access account if you have not already done so to ensure that > > your account is secure. In general, using two-factor authentication > > across all your accounts can help limit your exposure to such attacks. > > > > If you notice any suspicious activity in your RIPE NCC Access account, > > please contact us immediately at <security at ripe.net>. > > > > Best regards, > > > > Ivo Dijkhuis > > Senior Information Security Officer, > > RIPE NCC > > > > _______________________________________________ > members-discuss mailing list > members-discuss at ripe.net > https://lists.ripe.net/mailman/listinfo/members-discuss > Unsubscribe: > https://lists.ripe.net/mailman/options/members-discuss/elvis%40v4escrow.net > -- This message was sent from a mobile device. Some typos may be possible. -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.ripe.net/ripe/mail/archives/members-discuss/attachments/20210219/32fad9c9/attachment.html>
- Previous message (by thread): [members-discuss] [ncc-announce] Attack on RIPE NCC Access - Please Enable Two-Factor Authentication
- Next message (by thread): [members-discuss] [ncc-announce] Attack on RIPE NCC Access - Please Enable Two-Factor Authentication
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]