Security Affairs

MAY 15, 2020

One of the most severe vulnerabilities, tracked as CVE-2020-2018 , is an authentication bypass vulnerability in the Panorama context switching feature. This vulnerability does not impact Panorama configured with custom certificates authentication for communication between Panorama and managed devices. The issue received a CVSSv3.1

Firewall 110

Firewall Authentication Advertising VPN 110

Security Affairs

DECEMBER 23, 2019

China-linked cyber espionage group APT20 has been bypassing two-factor authentication (2FA) in recent attacks, cyber-security firm Fox-IT warns. The APT20 group has been active since at least 2011, but experts did not associate any campaign with this threat actors between 2016 and 2017. “Operation Wocao (??

VPN 68

VPN Hacking Software Advertising 68

Security Affairs

MARCH 15, 2023

The leak also included the JWT secret key, another type of token, which is usually used for authentication. It is crucial to ensure that leaked keys are in longer bit-lengths and encoded using secure encryption/hashing algorithms. Knowing them, a threat actor could be able to hijack the session and therefore the account.

Manufacturing 89

Manufacturing Media Accountability Risk 89

Cisco Security

AUGUST 28, 2023

Clear Text authentication still exists in 2023 Although not directly related to malware infection, we did discover a few other interesting findings during our threat hunt, including numerous examples of clear text traffic disclosing email credentials or authentication session cookies for variety of applications.

Wireless 77

Wireless DNS Mobile Technology 77