19 February 2021

RIPE NCC asks its members to enable 2FA following credential-stuffing attack


RIPE NCC asks its members to enable 2FA following credential-stuffing attack

RIPE NCC, a regional Internet registry (RIR) for Europe, the Middle East and parts of Central Asia, has revealed it was hit by a “deliberate credential-stuffing attack’ attempting to gain access to single sign-on (SSO) accounts.

The RIPE NCC supports the technical and administrative coordination of the infrastructure of the Internet. It is a not-for-profit membership organization with over 20,000 members located in over 76 countries, they are mostly Internet service providers, telecommunication organizations and other companies that manage their own network infrastructure.

“Last weekend, RIPE NCC Access, our single sign-on (SSO) service was affected by what appears to be a deliberate ‘credential-stuffing’ attack, which caused some downtime,” the organization said in a message posted on its website.

The agency added that it managed to thwart the attack and that it has no evidence that any SSO accounts have been compromised. However, the RIPE NCC now asks its members to turn on two-factor authentication on their SSO accounts.

“We would like to ask you to enable two-factor authentication on your RIPE NCC Access account if you have not already done so to ensure that your account is secure. In general, using two-factor authentication across all your accounts can help limit your exposure to such attacks,” the internet registry said.

Back to the list

Latest Posts

Vulnerability summary for the week: March 5, 2021

Vulnerability summary for the week: March 5, 2021

A weekly vulnerability digest.
5 March 2021
Microsoft shares details on three new malware strains used in SolarWinds hack

Microsoft shares details on three new malware strains used in SolarWinds hack

GoldMax, Sibot and GoldFinder were used by attackers to achieve persistence on the infected machines and perform actions post-compromise.
5 March 2021
Four notorious cybercrime forums hacked

Four notorious cybercrime forums hacked

The list of hacked crime forums includes Maza, Verified, Crdclub and Exploit.
5 March 2021