The Dark Web Scan is in WatchGuard Cloud!

Phishing is a very well-known technique of social engineer attack used by hackers to access user’s and companies´ sensitive information. Phishing is usually applicable for password compromise and malware, but an emerging threat is a technique called MFA fatigue or MFA push spam. The technique consists of an attacker, that has the credential information of a user (username and password), to send a consecutive, stream of push notifications to the user’s phone, until he approves one of them.

To mitigate this kind of attack, we have added a push phishing toggle feature on the AuthPoint mobile app. After a push notification is received on the app, recognized as a non-legit request by the user and denied, he can choose to disable the reception of new push notifications on his mobile to avoid the push fatigue and minimizing the chance to approve incorrectly an authentication request. At any time, the user can enable again the receiving of new push notifications.

Combine with authentication policies for better protection!

The push phishing or push fatigue can be a relatively easy way for attackers to get access to companies’ assets. Allow a user to disable push notifications is one more tool to help companies to prevent unauthorized access. Combined with other features, like policy restriction (for example, time policy to not allow user access after working hours or during weekends and geo kinetics, to automatically deny authentications done from different locations/small time interval), AuthPoint provides options to minimize the occurrence of this kind of attack.

Check if your mobile app has been updated to version 2.1.0 (Android or iOS) to take advantage of this new feature and learn more about AuthPoint:

Read AuthPoint Zero-Trust Framework eBook >

Read AuthPoint Partner Brief >

As part of AuthPoint’s Zero-Trust Framework, a new policy is now available in WatchGuard Cloud. The goal of the Geokinetics policy is to prevent unexpected authentications from attackers that are distant from the authorized user. For example, if the user is in the U.S., and an attacker from a different geographic location tries to authenticate with the user’s credentials, this policy can block the attackers request, even if the user is subject to phishing or social engineering and is convinced by the attacker to approve a push notification or a one-time password (OTP).

Empowering Your MFA Selling Strategy with AuthPoint’s Zero-Trust Framework

Take advantage of advanced features like risk policies to ace more multi-factor authentication (MFA) deals. Risk policies enable you to manage authentication requirements based on your customers’ security needs. Choose to strengthen or streamline the authentication experience according to the level of risk and type of user.

How is this policy different from other policies? The geokinetics policy compares the user’s device location on consecutive authentications and checks the distance and time between them. It can automatically block an authentication that does not match the configured parameters set by the operator.

Currently, the following AuthPoint policy objects are available in WatchGuard Cloud:

• IP Location
• Geolocation
• Time Schedule
• Geokinetics

Remember that the combination of the existing policies provides more flexibility and more powerful configurations, tailored to your end users’ needs.

Learn more about AuthPoint

Read AuthPoint Zero-Trust Framework eBook >

Read AuthPoint Partner Brief >

A new gateway agent is available in WatchGuard Cloud. The new version addresses bug fixes, Open Source Scanning (OSS) improvements and better performance on the LDAP sync flow and on the overall gateway operations.

Always keep your environment with the latest AuthPoint Gateway version:

1. Download the updated version in WatchGuard Cloud
2. Run the installer to upgrade your installed Gateway. For detailed instructions to update an installed Gateway, see Update an Installed Gateway .

Note: We recommend that you upgrade all your primary and secondary Gateways. The steps to upgrade a secondary Gateway are the same as the steps to upgrade a primary Gateway.

For more details, read the AuthPoint Gateways Help Center article.