cyberfeed.io — security news aggregator

Does VPN SSO with Windows Hello for Business satisfy MFA requirements?

cybersecurity • 2025-08-19 • www.reddit.com

I'm thing about moving our remote access from RADIUS app-based 2FA to SAML Single Sign-On (SSO) on our firewall VPN. All users sign into Microsoft Entra ID - joined laptops with Windows Hello for Business (WHfB) (PIN, fingerprint, or facial recognition). Since WHfB uses a TPM-bound key on the device (something you have) plus PIN/biometric (something you know/are), Microsoft recognizes it as MFA. When the VPN connection is made via SAML SSO, Entra ID passes the MFA claim into the VPN session....

#mfa #2fa #saml #sso

CISA Releases Four Industrial Control Systems Advisories

All CISA Advisories • 2025-08-19 • www.cisa.gov

CISA released four Industrial Control Systems (ICS) advisories on August 19, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-231-01 Siemens Desigo CC Product Family and SENTRON Powermanager ICSA-25-231-02 Siemens Mendix SAML Module ICSA-25-217-02 Tigo Energy Cloud Connect Advanced (Update A) ICSA-25-219-07 EG4 Electronics EG4 Inverters (Update A) CISA encourages users and administrators to review newly...

#cloud #vulnerability #patch-management #saml

Siemens Mendix SAML Module

All CISA Advisories • 2025-08-19 • www.cisa.gov

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.7 ATTENTION : Exploitable remotely Vendor : Siemens Equipment : Mendix SAML Module Vulnerability : Improper Verification of Cryptographic...

#vulnerability #patch-management #saml