19 February 2021

RIPE NCC asks its members to enable 2FA following credential-stuffing attack


RIPE NCC asks its members to enable 2FA following credential-stuffing attack

RIPE NCC, a regional Internet registry (RIR) for Europe, the Middle East and parts of Central Asia, has revealed it was hit by a “deliberate credential-stuffing attack’ attempting to gain access to single sign-on (SSO) accounts.

The RIPE NCC supports the technical and administrative coordination of the infrastructure of the Internet. It is a not-for-profit membership organization with over 20,000 members located in over 76 countries, they are mostly Internet service providers, telecommunication organizations and other companies that manage their own network infrastructure.

“Last weekend, RIPE NCC Access, our single sign-on (SSO) service was affected by what appears to be a deliberate ‘credential-stuffing’ attack, which caused some downtime,” the organization said in a message posted on its website.

The agency added that it managed to thwart the attack and that it has no evidence that any SSO accounts have been compromised. However, the RIPE NCC now asks its members to turn on two-factor authentication on their SSO accounts.

“We would like to ask you to enable two-factor authentication on your RIPE NCC Access account if you have not already done so to ensure that your account is secure. In general, using two-factor authentication across all your accounts can help limit your exposure to such attacks,” the internet registry said.

Back to the list

Latest Posts

Vulnerability in Trend Micro antivirus products exploited in the wild

Vulnerability in Trend Micro antivirus products exploited in the wild

The flaw affects Trend Micro Apex One, Apex One SaaS, and OfficeScan Corporate Edition.
22 April 2021
University of Minnesota banned from Linux development for submitting buggy patches

University of Minnesota banned from Linux development for submitting buggy patches

Two graduate students at the University of Minnesota deliberately introduced known security bugs in the Linux kernel in the name of research.
22 April 2021
Qlocker ransomware campaign targets QNAP devices across the globe

Qlocker ransomware campaign targets QNAP devices across the globe

The campaign uses 7-zip to move files on QNAP devices into password-protected archives.
22 April 2021