2014 and Authentication - Cyber Security Informer

Authentication and the Have I Been Pwned API

Troy Hunt

JULY 18, 2019

I highlighted 3 really important attributes at the time of launch: There is no authentication. In the end, the path forward was clear - the API would need to be authenticated. The New Model: Authenticated Requests I held back on this for a long time because adding auth to the API adds a barrier to entry. There is no cost.

Authentication

Authentication Firewall Data breaches Mobile

New strain of Cerberus Android banking trojan can steal Google Authenticator codes

Security Affairs

FEBRUARY 27, 2020

Experts found a new version of the Cerberus Android banking trojan that can steal one-time codes generated by the Google Authenticator app and bypass 2FA. Now the authors implemented the ability to steal 2FA code from the Google Authenticator app abusing the Accessibility Privileges. Pierluigi Paganini.

Banking

Banking Authentication Advertising Malware

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

Security Affairs

FEBRUARY 19, 2025

The second vulnerability, tracked CVE-2025-26466 (CVSS score: 5.9), affects both the OpenSSH client and server, allowing a pre-authentication denial-of-service attack. Introduced in December 2014 (OpenSSH 6.8p1), this flaw remained active, with FreeBSD enabling VerifyHostKeyDNS by default from 2013 to 2023, increasing exposure.

Authentication

Authentication System Administration DNS Hacking

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

The Last Watchdog

NOVEMBER 11, 2020

As a tradeoff for enjoying our digital lives, we’ve learned to live with password overload and even tolerate two-factor authentication. I had a chance to discuss this seminal transition with George Avetisov, co-founder and chief executive officer of HYPR , a Manhattan-based supplier of advanced authentication technologies.

Authentication

Authentication VPN Passwords Hacking

A flaw in India Digilocker could?ve been exploited to bypass authentication

Security Affairs

JUNE 8, 2020

DigiLocker provides an account in cloud to every Aadhaar holder to access authentic documents/certificates such as driving license, vehicle registration, academic mark sheet in digital format from the original issuers of these certificates. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Authentication

Authentication Mobile Accountability Passwords

Data From The Emotet Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI and NHTCU

Troy Hunt

APRIL 26, 2021

This strain of malware dates back as far as 2014 and it became a gateway into infected machines for other strains of malware ranging from banking trojans to credential stealers to ransomware. Turn on 2 factor authentication wherever available. Keep operating systems and software patched.

Malware

Malware Passwords Banking Password Management

State Department’s Email Server Breached

Adam Levin

SEPTEMBER 20, 2018

A study released by the Government Accountability Office earlier this year showed that the State Department has deployed two-factor authentication to only 11% of the devices used by staff. Two-factor authentication is a legal requirement and also considered a bare minimum protocol for cybersecurity protection.

Authentication

Authentication Government Cyber Attacks Hacking

It’s Still Easy for Anyone to Become You at Experian

Krebs on Security

NOVEMBER 11, 2023

I immediately suspected that Experian was still allowing anyone to recreate their credit file account using the same personal information but a different email address, a major authentication failure that was explored in last year’s story, Experian, You Have Some Explaining to Do. 9, 2022 and Dec.

Accountability

Accountability Authentication Passwords Identity Theft

Twitter allows users to use 2FA without a phone number

Security Affairs

NOVEMBER 24, 2019

Twitter announced that its users can protect their accounts with 2-Factor Authentication (2FA) even if they don’t have a phone number. Twitter is going to allow its users to protect their accounts with 2-Factor Authentication (2FA) even if they don’t have a phone number. Pierluigi Paganini.

Authentication

Authentication Mobile Advertising Accountability

Ukraine Nabs Suspect in 773M Password ?Megabreach?

Krebs on Security

MAY 19, 2020

“In fact, large aggregations of stolen credentials have been around since 2013-2014. Finally, if you haven’t done so lately, mosey on over to twofactorauth.org and see if you are taking full advantage of the strongest available multi-factor authentication option at sites you trust with your data.

Passwords

Passwords Accountability Hacking Password Management

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

The documents were available without authentication to anyone with a Web browser. According to a filing (PDF) by the New York State Department of Financial Services (DFS), the weakness that exposed the documents was first introduced during an application software update in May 2014 and went undetected for years.

Insurance

Insurance Financial Services Penetration Testing Scams

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Krebs on Security

FEBRUARY 4, 2021

For example, one of the most active accounts targeted in this week’s social network crackdown is the Instagram profile “ Trusted ,” self-described as “top-tier professional middleman/escrow since 2014.” Those databases show Beam was just the 12th user account created on OGUsers back in 2014.

Accountability

Accountability Hacking Media Mobile

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

“I was able to answer the credit report questions successfully, which authenticated me to their system,” Turner said. That’s because Experian does not offer any type of multi-factor authentication options on consumer accounts. But now he’s wondering what else he could do to prevent another account compromise.

Accountability

Accountability Passwords Authentication Password Management

Cisco fixes critical and high-severity flaws in Data Center Network Manager

Security Affairs

JULY 31, 2020

One of the most security issues is a critical authentication bypass vulnerability, tracked as CVE-2020-3382. The vulnerability can allow a remote, unauthenticated attacker to bypass authentication and perform actions with admin privileges on the vulnerable device. ” reads the advisory published by Cisco.

Authentication

Authentication Advertising Software Encryption

Trend Micro addresses two issues exploited by hackers in the wild

Security Affairs

MARCH 18, 2020

It could be exploited by a remote, authenticated attacker to execute arbitrary code on vulnerable installs. An attempted attack requires user authentication.” The vulnerability could be exploited by an authenticated attacker to “manipulate certain agent client components.”. An attempted attack requires user authentication.”

Authentication

Authentication Advertising Antivirus Cybercrime

VMware addresses serious flaws in vRealize Operations for Horizon Adapter

Security Affairs

FEBRUARY 21, 2020

VMware has addressed serious vulnerabilities in vRealize Operations for Horizon Adapter, including remote code execution and authentication bypass flaws. “vRealize Operations for Horizon Adapter has an improper trust store configuration leading to authentication bypass. ” continues the advisory. x on Windows.

Authentication

Authentication Telecommunications Advertising Hacking

HPE addresses critical auth bypass issue in SSMC console

Security Affairs

OCTOBER 25, 2020

HPE fixed a remote authentication bypass vulnerability in HPE StoreServ Management Console (SSMC) data center storage management solution. The CVE-2020-7197 flaw is a remote authentication bypass vulnerability that affects HPE 3PAR StoreServ Management and Core Software Media prior to 3.7.0.0. ” reads the advisory. .

Authentication

Authentication Advertising Media Hacking

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Security Affairs

MARCH 8, 2020

The vulnerability is a post-authentication command injection issue and impacts Nighthawk (R7800) routers running firmware prior to version 1.0.2.60. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firmware

Firmware Wireless Advertising Authentication

Cisco fixes 5 critical flaws that could allow router firewall takeover

Security Affairs

JULY 16, 2020

Cisco addresses a critical remote code execution (RCE), authentication bypass, and static default credential flaws that could lead to full router takeover. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firewall

Firewall Small Business Wireless Advertising

Palo Alto Networks addresses tens of serious issues in PAN-OS

Security Affairs

MAY 15, 2020

One of the most severe vulnerabilities, tracked as CVE-2020-2018 , is an authentication bypass vulnerability in the Panorama context switching feature. This vulnerability does not impact Panorama configured with custom certificates authentication for communication between Panorama and managed devices. The issue received a CVSSv3.1

Firewall

Firewall Authentication Advertising VPN

Expert found a hardcoded SSH Key in Fortinet SIEM appliances

Security Affairs

JANUARY 20, 2020

An attacker with this key can successfully authenticate as this user to the FortiSIEM Supervisor.” While the user’s shell is limited to running the /opt/phoenix/ phscripts /bin/ tunnelshell script, SSH authentication still succeeds.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Authentication

Authentication Advertising Firmware Firewall

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Security Affairs

MAY 19, 2020

Palo Alto Networks Unit 42 researchers observed both the Mirai and Hoaxcalls botnets using an exploit for a post-authentication Remote Code Execution vulnerability in legacy Symantec Web Gateways 5.0.2.8. Experts note that the exploit is only effective for authenticated sessions and the affected devices are End of Life (EOL) from 2012.

IoT

IoT DDOS Authentication Advertising

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

It also provides an authenticated inter-process communication mechanism. Since 2016, Microsoft is urging admins to stop using SMBv1, later versions of the protocol implemented security enhancements, such as encryption, pre- authentication integrity checks to prevent man-in-the-middle (MiTM) attacks, and insecure guest authentication blocking.

Authentication

Authentication Malware Advertising Hacking

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Krebs on Security

FEBRUARY 12, 2019

VFEmail’s Twitter account responded that “external facing systems, of differing OS’s and remote authentication, in multiple data centers are down.” Strangely, not all VMs shared the same authentication, but all were destroyed. The first signs of the attack came on the morning of Feb. Just attack and destroy.”

Hacking

Hacking DDOS Backups Accountability

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Pierluigi Paganini.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

230k+ Indonesian COVID-19 patients’ records for sale in the Darkweb

Security Affairs

JUNE 21, 2020

Cyble has analyzed the data and confirmed its authenticity, it also indexed the record in its data breach monitoring and notification service AmiBreached.com. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Data breaches

Data breaches Advertising Mobile Authentication

New Cisco Webex Meetings flaw allows attackers to impersonate users

Security Affairs

JUNE 19, 2020

A flaw in Cisco Webex Meetings client for Windows could allow local authenticated attackers to gain access to sensitive information. A vulnerability in Cisco Webex Meetings client for Windows, tracked as CVE-2020-3347 , could be exploited by local authenticated attackers to gain access to sensitive information. Pierluigi Paganini.

Authentication

Authentication Advertising Accountability Hacking

UberEats data leaked on the dark web

Security Affairs

AUGUST 4, 2020

UberEats is an American online food ordering and delivery platform launched by Uber in 2014. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Banking

Banking Data breaches Advertising Mobile

Microsoft failed to fix LSASS elevation of privilege flaw

Security Affairs

AUGUST 13, 2020

“An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated attacker sends a specially crafted authentication request. “The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests.”

Authentication

Authentication Advertising Hacking Information Security

Hackers are using Zerologon exploits in attacks in the wild

Security Affairs

SEPTEMBER 24, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Security Intelligence

Security Intelligence Authentication Advertising Passwords

TeamViewer flaw can allow hackers to steal System password

Security Affairs

AUGUST 11, 2020

The expert discovered that the issue could allow an attacker to force the software to relay an NTLM authentication request to the attacker’s system. This means that the SMB authentication process will leak the system’s username, and NTLMv2 hashed version of the password to the attackers. “An Pierluigi Paganini.

Passwords

Passwords Authentication Advertising Software

Hackers are targeting recently patched WebLogic security vulnerability

Security Affairs

MAY 1, 2020

2 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials. Authentication is not required to exploit this vulnerability.” A remote attacker could exploit the CVE-2019-2729 flaw without authentication. . Pierluigi Paganini.

Authentication

Authentication Advertising Hacking Cybersecurity

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Security Affairs

SEPTEMBER 23, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. “An Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Vendors supporting Samba 4.7

Authentication

Authentication Advertising Architecture Passwords

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 30, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Advertising Architecture Cybercrime

Zero-day in Cisco AnyConnect Secure Mobility Client yet to be fixed

Security Affairs

NOVEMBER 4, 2020

The CVE-2020-3556 flaw resided in the interprocess communication (IPC) channel of Cisco AnyConnect Client, it can be exploited by authenticated and local attackers to execute malicious scripts via a targeted user. “The vulnerability is due to a lack of authentication to the IPC listener. . Pierluigi Paganini.

Mobile

Mobile Authentication Advertising Software

RDP brute-force attacks rocketed since beginning of COVID-19

Security Affairs

APRIL 30, 2020

Use Network Level Authentication (NLA). If possible, enable two-factor authentication. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Make RDP available only through a corporate VPN. Use a reliable security solution.

Passwords

Passwords Advertising Authentication VPN

Cisco addresses 17 high-severity flaws in security appliances

Security Affairs

OCTOBER 22, 2020

The list of addressed vulnerabilities includes denial-of-service (DoS), CSRF, FMC authentication bypass, and MitM issues. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking).

Advertising

Advertising Software Authentication Hacking

SMBleed could allow a remote attacker to leak kernel memory

Security Affairs

JUNE 11, 2020

Microsoft addressed a Server Message Block (SMB) protocol issue, named SMBleed, that could allow an attacker to leak kernel memory remotely, without authentication. The vulnerability could be chained with the SMBGhost (CVE-2020-0796) to achieve pre-authentication remote code execution. ” continues the post. Pierluigi Paganini.

Authentication

Authentication Advertising Hacking

Data belonging 44 Million Pakistani mobile users leaked online

Security Affairs

MAY 6, 2020

The dump was discovered by a Dubai-based cybersecurity firm Rewterz ( @rewterz ) that confirmed its authenticity and the Pakistan Telecommunication Authority (PTA) is investigating the matter. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Mobile

Mobile Telecommunications Data breaches Advertising

Over 100K+ WordPress sites using PageLayer plugin exposed to hack

Security Affairs

MAY 31, 2020

One vulnerability could allow an authenticated user with subscriber-level and above permissions to update and modify posts. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking

Hacking Advertising Authentication Accountability

Zerologon attack lets hackers to completely compromise a Windows domain

Security Affairs

SEPTEMBER 14, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. published a detailed analysis of the flaw.

Authentication

Authentication Passwords Advertising Architecture

Experts demonstrate the PIN is useless in EMV contactless transactions

Security Affairs

AUGUST 29, 2020

Authentication to the terminal: All transactions accepted by the terminal are authenticated by the card and, if authorized online, the bank. Authentication to the bank: All the transactions accepted by the bank are authenticated by the card and the terminal. Pierluigi Paganini. SecurityAffairs – hacking, EMV).

Banking

Banking Computers and Electronics Authentication Advertising

Most of Linux distros affected by a critical RCE in PPP Daemon flaw

Security Affairs

MARCH 6, 2020

The flaw, tracked as CVE-2020-8597, was discovered by the expert Ilja Van Sprundel from IOActive, it is a stack buffer overflow issue that is caused by a logical error in the Extensible Authentication Protocol (EAP) packet parser of the pppd software. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Software Authentication Hacking

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

Security Affairs

JULY 13, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Mobile

Mobile InfoSec Data breaches Advertising

Authentication and the Have I Been Pwned API

New strain of Cerberus Android banking trojan can steal Google Authenticator codes

Trending Sources

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

A flaw in India Digilocker could?ve been exploited to bypass authentication

Data From The Emotet Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI and NHTCU

State Department’s Email Server Breached

It’s Still Easy for Anyone to Become You at Experian

Twitter allows users to use 2FA without a phone number

Ukraine Nabs Suspect in 773M Password ?Megabreach?

NY Charges First American Financial for Massive Data Leak

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Experian, You Have Some Explaining to Do

Cisco fixes critical and high-severity flaws in Data Center Network Manager

Trend Micro addresses two issues exploited by hackers in the wild

VMware addresses serious flaws in vRealize Operations for Horizon Adapter

HPE addresses critical auth bypass issue in SSMC console

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Cisco fixes 5 critical flaws that could allow router firewall takeover

Palo Alto Networks addresses tens of serious issues in PAN-OS

Expert found a hardcoded SSH Key in Fortinet SIEM appliances

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

230k+ Indonesian COVID-19 patients’ records for sale in the Darkweb

New Cisco Webex Meetings flaw allows attackers to impersonate users

UberEats data leaked on the dark web

Microsoft failed to fix LSASS elevation of privilege flaw

Hackers are using Zerologon exploits in attacks in the wild

TeamViewer flaw can allow hackers to steal System password

Hackers are targeting recently patched WebLogic security vulnerability

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Zero-day in Cisco AnyConnect Secure Mobility Client yet to be fixed

RDP brute-force attacks rocketed since beginning of COVID-19

Cisco addresses 17 high-severity flaws in security appliances

SMBleed could allow a remote attacker to leak kernel memory

Data belonging 44 Million Pakistani mobile users leaked online

Over 100K+ WordPress sites using PageLayer plugin exposed to hack

Zerologon attack lets hackers to completely compromise a Windows domain

Experts demonstrate the PIN is useless in EMV contactless transactions

Most of Linux distros affected by a critical RCE in PPP Daemon flaw

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

Stay Connected