2018, Authentication and System Administration

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Krebs on Security

JULY 8, 2021

The attackers exploited a vulnerability in software from Kaseya , a Miami-based company whose products help system administrators manage large networks remotely. “This is worse because the CVE calls for an authenticated user,” Holden said. “This was not.”

Software

Software Ransomware System Administration Authentication

Experts discovered a severe command injection flaw in Cisco Webex Meetings Desktop

Security Affairs

OCTOBER 25, 2018

Researchers discovered a “high” severity command injection vulnerability, tracked as CVE-2018-15442, in Cisco Webex Meetings Desktop. Researchers Ron Bowes and Jeff McJunkin of Counter Hack discovered a “high” severity command injection vulnerability, tracked as CVE-2018-15442 , in Cisco Webex Meetings Desktop.

Advertising

Advertising System Administration Hacking Software

Initial patch for Webex Meetings flaw WebExec was incomplete. Cisco fixed it again

Security Affairs

NOVEMBER 28, 2018

One month ago, Cisco addressed the CVE-2018-15442 vulnerability, also tracked as WebExec by Counter Hack researchers Ron Bowes and Jeff McJunkin who discovered it. The CVE-2018-15442 vulnerability could be exploited by an authenticated, local attacker to execute arbitrary commands as a privileged user. and later prior to 33.0.5,

Advertising

Advertising System Administration Software Authentication

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting.

Telecommunications

Telecommunications Authentication Passwords Accountability

North Korean Lazarus APT group targets blockchain tech companies

Malwarebytes

APRIL 19, 2022

Since 2018, one of the Lazarus Group’s tactics has been to disguse AppleJeus malware as cryptocurrency trading platforms for both Windows and Mac. Enforce credential requirements and use multi-factor authentication. It uses personalization to convince victims that they are reading and responding to legitimate messages.

Cryptocurrency

Cryptocurrency Social Engineering Computers and Electronics Engineering

Addressing Remote Desktop Attacks and Security

eSecurity Planet

MARCH 25, 2022

RDP intrusions are typically the result of two attacker methods: brute force authentication attempts or a meddler-in-the-middle (MITM) attack. Remote desktop software’s sensitive influence over other devices means identity and access management (IAM), password security , and multi-factor authentication are critical for risk management.

VPN

VPN Software Authentication Encryption

Exploits and vulnerabilities in Q4 2024

SecureList

FEBRUARY 26, 2025

Among notable techniques in Q4, attackers leveraged undocumented RPC interfaces and targeted the Windows authentication mechanism. According to Microsoft documentation ,msc files can be used for system administration. Statistics on registered vulnerabilities This section contains statistics on registered vulnerabilities.

Software

Software Authentication System Administration Malware

Stolen Nvidia certificates used to sign malware—here’s what to do

Malwarebytes

MARCH 15, 2022

A code signing certificate is used to authenticate the identity of a software developer or publisher, and it provides cryptographic assurance that a signed piece of software has not been altered or tampered with. The two leaked Nvidia certificates have expired, being valid from 2011 to 2014 and 2015 to 2018.

Malware

Malware Software System Administration Ransomware

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

eSecurity Planet

FEBRUARY 15, 2022

Audit user accounts with administrative privileges and configure access controls with least privilege in mind, and use multifactor authentication. CVE-2015-1130 : An XPC implementation allows authentication bypass and admin privilege escalation in Apple OS X before 10.10.3. 7 SP1, 8, 8.1) How to Use the CISA Catalog.

Ransomware

Ransomware Encryption Backups Accountability

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

AUGUST 28, 2023

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. To remedy this vulnerability, Adobe recommends installing Update 16 for ColdFusion 2018 and Update 6 for ColdFusion 2021. Threat actors can use WFP to escalate their privileges on Windows.

VPN

VPN Authentication Mobile Firewall

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

AUGUST 28, 2023

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. To remedy this vulnerability, Adobe recommends installing Update 16 for ColdFusion 2018 and Update 6 for ColdFusion 2021. Threat actors can use WFP to escalate their privileges on Windows.

VPN

VPN Authentication Mobile Firewall

More Cloud Means More Multi-Tenant Environments

Thales Cloud Protection & Licensing

JANUARY 23, 2018

Gartner predicts that the worldwide public cloud services market will grow 17 percent in 2018 to $287.8 This can be realized with a commitment to protecting data-at-rest; adequately isolating security; authenticating, authorizing and differentiating access to the data; and enforcing it with encryption. billion, up from $246.8

Cloud Migration

Cloud Migration System Administration Architecture Firewall

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Longtime network and system administrator Jack Daniel is a technology community activist, mentor, and storyteller. — Jack Daniel (@jack_daniel) October 10, 2018. jaysonstreet) March 3, 2018. — Kevin Mitnick (@kevinmitnick) January 20, 2018. Denial-of-Suez attack. Jack Daniel | @jack_daniel.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

IT threat evolution Q2 2021

SecureList

AUGUST 12, 2021

com – all generated using RoyalRoad and attempting to exploit CVE-2018-0802. Most of the commands are used to display fake pop-up messages and seek to trick people into entering two-factor authentication codes. Notify your supervisors as soon as possible.

Ransomware

Ransomware Malware Banking Encryption

macOS 11’s hidden security improvements

Malwarebytes

AUGUST 18, 2021

The major new security features that would debut in macOS 11 were: Pointer Authentication Codes (PAC) , hardware-enforced Call Flow Integrity (CFI), implemented by Apple’s homegrown 64 bit ARM processor, the M1. Currently limited to system code and kernel extensions, but open to all third-party developers for experimentation.

Firmware

Firmware Architecture Risk Engineering

On the Twitter Hack

Schneier on Security

JULY 20, 2020

Someone compromised the entire Twitter network, probably by stealing the log-in credentials of one of Twitter's system administrators. Back in 2018, Twitter said it was exploring encrypting those messages, but it hasn't yet. When those accounts were hijacked, trust in that system took a beating.

Hacking

Hacking Banking Accountability Government

Cyber Security Informer

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Experts discovered a severe command injection flaw in Cisco Webex Meetings Desktop

Trending Sources

Initial patch for Webex Meetings flaw WebExec was incomplete. Cisco fixed it again

China-linked threat actors have breached telcos and network service providers

North Korean Lazarus APT group targets blockchain tech companies

Addressing Remote Desktop Attacks and Security

Exploits and vulnerabilities in Q4 2024

Stolen Nvidia certificates used to sign malware—here’s what to do

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

More Cloud Means More Multi-Tenant Environments

Top Cybersecurity Accounts to Follow on Twitter

IT threat evolution Q2 2021

macOS 11’s hidden security improvements

On the Twitter Hack

Stay Connected