[members-discuss] autoresponders/tickets subscribed to this list (was: Re: [ncc-announce] Attack on RIPE NCC Access - Please Enable Two-Factor Authentication

Dear RIPE NCC,

I would be embarrassed to have members continue to ask for years for a fix
to this problem. When will you fix this issue? It keeps coming back again
and again.

I sent an e-mail to this mailing list and got several automatic responses
again...

1. Dear belastingdienst, can you unsubscribe your ticketing system
de.belastingdienst at belastingdienst.nl from this mailing list? I got two
emails from you...

2. Dear cpro at mib.cpro.fr, please stop asking me to click on links for my
e-mails to be delivered to your inbox. If you don’t want my e-mails, just
unsubscribe, please.

3. Dear info at parsnafe.com, I have no idea what your e-mail written in
Persian (?) means. Please unsubscribe auto-responders from this mailing
list.

... and the list can continue.

I really hope the RIPE NCC will come up with a solution to this, it’s not
like we haven’t asked for it for decades...

/elvis

On Fri, Feb 19, 2021 at 00:47 Elvis Daniel Velea <elvis at v4escrow.net> wrote:

> Hi,
>
> +1 to Steffen’s idea.
>
> Also, a couple of questions... how can I find out if someone (attempts to)
> login with my SSO?
>
> Can the RIPE NCC provide a page showing a list of last 5-10-100
> (un)successful logins?
>
> How about e-mail notifications (with the IP address of the attacker) when
> a failed login attempt is made?
> Can I get an e-mail notification that someone has logged in, every time a
> successful login happens?
> - I’d like these to be opt-in
>
> Elvis
>
> On Fri, Feb 19, 2021 at 00:40 Steffen Weinreich <steffen.weinreich at mdex.de>
> wrote:
>
>> Hi Ivo,
>>
>> Thanks for the heads up.
>>
>> It would be usefull if a LIR Admin user in the portal could see if "his"
>> users have the 2FA enabled. That way I could encourage my colleagues
>> without 2FA  to enable.
>>
>> CC: to the members-discuss for feedback on the suggestion.
>>
>> mit freundlichen Grüßen
>>
>> Steffen Weinreich
>>
>> --
>> Wireless Logic mdex GmbH
>> Bäckerbarg 6, 22889 Tangstedt, Germany
>> <https://www.google.com/maps/search/B%C3%A4ckerbarg+6,+22889+Tangstedt,+Germany?entry=gmail&source=g>
>>
>> Am 18.02.21 um 16:49 schrieb Ivo Dijkhuis:
>>
>> > Dear colleagues,
>> >
>> > Last weekend, RIPE NCC Access, our single sign-on (SSO) service was
>> > affected by what appears to be a deliberate ‘credential-stuffing’
>> > attack, which caused some downtime. We mitigated the attack, and we are
>> > now taking steps to ensure that our services are better protected
>> > against such threats in the future.
>> >
>> > Our preliminary investigations do not indicate that any SSO accounts
>> > have been compromised. If we do find that an account has been affected
>> > in the course of our investigations, we will contact the account holder
>> > individually to inform them.
>> >
>> > We would like to ask you to enable two-factor authentication on your
>> > RIPE NCC Access account if you have not already done so to ensure that
>> > your account is secure. In general, using two-factor authentication
>> > across all your accounts can help limit your exposure to such attacks.
>> >
>> > If you notice any suspicious activity in your RIPE NCC Access account,
>> > please contact us immediately at <security at ripe.net>.
>> >
>> > Best regards,
>> >
>> > Ivo Dijkhuis
>> > Senior Information Security Officer,
>> > RIPE NCC
>> >
>>
>> _______________________________________________
>> members-discuss mailing list
>> members-discuss at ripe.net
>> https://mailman.ripe.net/
>> Unsubscribe:
>> https://lists.ripe.net/mailman/options/members-discuss/elvis%40v4escrow.net
>
>
>> --
> This message was sent from a mobile device. Some typos may be possible.
>
-- 
This message was sent from a mobile device. Some typos may be possible.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.ripe.net/ripe/mail/archives/members-discuss/attachments/20210219/9f8fe818/attachment-0001.html>