Krebs on Security

MAY 14, 2019

The vulnerability ( CVE-2019-0708 ) resides in the “remote desktop services” component built into supported versions of Windows, including Windows 7 , Windows Server 2008 R2 , and Windows Server 2008. . “This vulnerability is pre-authentication and requires no user interaction,” Pope said. Source: Wikipedia.

Malware 267

Malware Ransomware Authentication 267

CyberSecurity Insiders

JULY 3, 2021

Identity and user authentication continue to be a concern for IT managers. It’s time to take a closer look at alternative identity management and authentication strategies. The Federal Trade Commission says the number of identity theft cases doubled between 2019 and 2020. Cyberattacks designed to steal identity are on the rise.

Authentication 140

Authentication Identity Theft Technology InfoSec 140

The Last Watchdog

NOVEMBER 11, 2020

As a tradeoff for enjoying our digital lives, we’ve learned to live with password overload and even tolerate two-factor authentication. I had a chance to discuss this seminal transition with George Avetisov, co-founder and chief executive officer of HYPR , a Manhattan-based supplier of advanced authentication technologies.

Authentication 153

Authentication VPN Passwords Hacking 153

Krebs on Security

JULY 23, 2020

In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. billion in 2019. The documents were available without authentication to anyone with a Web browser. had exposed approximately 885 million records related to mortgage deals going back to 2003.

Insurance 347

Insurance Financial Services Penetration Testing Scams 347

Krebs on Security

APRIL 26, 2021

Last week, KrebsOnSecurity heard from a reader who had his freeze thawed without authorization through Experian’s website, and it reminded me of how truly broken authentication and security remains in the credit bureau space. KrebsOnSecurity stepped through the same process and found similar results. and $24.99

Authentication 348

Authentication Accountability Identity Theft Account Security 348

Krebs on Security

SEPTEMBER 8, 2020

Among the chief concerns for enterprises this month is CVE-2020-16875 , which involves a critical flaw in the email software Microsoft Exchange Server 2016 and 2019. “We have seen the previously patched Exchange bug CVE-2020-0688 used in the wild, and that requires authentication. . We’ll likely see this one in the wild soon.

Software 306

Software Backups Authentication Internet 306

Google Security

MAY 5, 2023

Passkeys are a new, passwordless authentication method that offer a convenient authentication experience for sites and apps, using just a fingerprint, face scan or other screen lock. Figure 1: authentication success rate with passkey vs password. They are designed to enhance online security for users.

Authentication 122

Authentication Passwords Technology Password Management 122

Krebs on Security

JULY 31, 2024

More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds. Image: Shutterstock.

DNS 308

DNS Internet Internet Phishing 308

Malwarebytes

OCTOBER 6, 2023

Recently, Amazon announced that it will require all privileged Amazon Web Services (AWS) accounts to use multi-factor authentication (MFA) , starting in mid-2024. Multi-factor authentication is so much more secure, and with that a lot more forgiving, than passwords alone. So we wholeheartedly agree with Amazon on this.

Authentication 134

Authentication Passwords Social Engineering Accountability 134

Security Affairs

MARCH 27, 2025

the allows an authenticated attacker to execute arbitrary code by sending a serialized.NET object in an HTTP POST parameter. the allows an authenticated attacker to execute arbitrary code by sending a serialized.NET object in an HTTP POST parameter. CVE-2019-9874 (CVSS score of 9.8)

Authentication 61

Authentication Hacking Cybersecurity Risk 61

eSecurity Planet

MARCH 4, 2025

How the attack works The JavaGhost group, active since 2019, initially focused on website defacements before shifting to financially motivated phishing attacks in 2022. Enforce multifactor authentication to add an extra security layer. Apply the principle of least privilege to restrict IAM permissions.

Phishing 95

Phishing Accountability Authentication Risk 95

Security Affairs

FEBRUARY 10, 2025

CVE-2024-57968 allows remote authenticated users to upload files to unintended folders, while CVE-2025-25181 is an SQL injection flaw enabling remote SQL execution (no patch available). The group was also observed exploiting vulnerabilities in Telerik UI such as CVE-2017-9248 and CVE-2019-18935.

Manufacturing 108

Manufacturing Cybercrime Passwords Authentication 108

Schneier on Security

FEBRUARY 3, 2021

Microsoft analyzed details of the SolarWinds attack: Microsoft and FireEye only detected the Sunburst or Solorigate malware in December, but Crowdstrike reported this month that another related piece of malware, Sunspot , was deployed in September 2019, at the time hackers breached SolarWinds’ internal network.

Computers and Electronics 363

Computers and Electronics Malware Software Government 363

Krebs on Security

FEBRUARY 8, 2021

“According to the analysis of foreign law enforcement agencies, more than 50% of all phishing attacks in 2019 in Australia were carried out thanks to the development of the Ternopil hacker,” the attorney general’s office said, noting that investigators had identified hundreds of U-Admin customers. ” U-Admin, a.k.a.

Phishing 328

Phishing Scams Banking Mobile 328

Krebs on Security

NOVEMBER 14, 2023

It affects Microsoft Windows 10 and later, as well as Microsoft Windows Server 2019 and subsequent versions. This weakness technically requires the attacker to be authenticated to the target’s local network, but Breen notes that a pair of phished Exchange credentials will provide that access nicely.

Social Engineering 309

Social Engineering Internet Internet Phishing 309

The Last Watchdog

JUNE 15, 2023

The World Wide Web Consortium today announced a standardization milestone for a new browser capability that helps to streamline user authentication and enhance payment security during Web checkout. Customer authentication For the past 15 years, e-commerce has increased as a percentage of all retail sales.

Authentication 100

Authentication Technology Banking Media 100

Krebs on Security

APRIL 26, 2019

But according to an in-depth analysis shared with KrebsOnSecurity by security researcher Paul Marrapese , iLnkP2P devices offer no authentication or encryption and can be easily enumerated, allowing potential attackers to establish a direct connection to these devices while bypassing any firewall restrictions.

IoT 278

IoT Firewall Manufacturing Computers and Electronics 278

Security Affairs

NOVEMBER 15, 2021

Microsoft has released out-of-band security updates to address authentication issues affecting Windows Server. Microsoft has released out-of-band updates to fix authentication failures related to Kerberos delegation scenarios impacting Domain Controllers (DC) running Windows Server.

Authentication 135

Authentication Hacking Information Security 135

Krebs on Security

MAY 31, 2019

That measure, which went into effect in March 2019 and is considered among the toughest in the nation, requires financial companies to regularly audit and report on how they protect sensitive data, and provides for fines in cases where violations were reckless or willful. No authentication was needed to access the digitized records.

Financial Services 254

Financial Services Insurance Banking Authentication 254

The Last Watchdog

APRIL 16, 2020

organizations between January 2013 and July 2019. In 2018 and 2019, ransomware-triggered business disruptions came not in global-spanning worms, ala WannaCry and NotPetya, but in unrelenting one-off attacks. Bresman “There was a big uptick in Q3 and Q4 2019, not just in the U.S., Ransomware hacking groups extorted at least $144.35

Ransomware 276

Ransomware Hacking Authentication Manufacturing 276

Adam Levin

AUGUST 7, 2020

Another major vulnerability discovered in the operating system in 2019, called BlueKeep, has been traced back to several major hacking campaigns. . Use two-factor authentication where possible. Windows 7 users represented 98% of infected systems. Audit network configurations and identify any systems that can’t be updated.

Risk 220

Risk Hacking Authentication Ransomware 220

Krebs on Security

NOVEMBER 9, 2021

Unlike the four zero-days involved in the mass compromise of Exchange Server systems earlier this year, CVE-2021-42321 requires the attacker to be already authenticated to the target’s system. ’ This vulnerability affects Windows 7 – 11 and Windows Server 2008 – 2019 and should be a high priority for patching.”

Backups 304

Backups Passwords Authentication Internet 304

Krebs on Security

SEPTEMBER 12, 2018

wireless carriers today detailed a new initiative that may soon let Web sites eschew passwords and instead authenticate visitors by leveraging data elements unique to each customer’s phone and mobile subscriber account, such as location, customer reputation, and physical attributes of the device. The four major U.S.

Mobile 246

Mobile Authentication Wireless Scams 246

Krebs on Security

JANUARY 29, 2020

KrebsOnSecurity recently contacted Sprint to let the company know that an internal customer support forum called “Social Care” was being indexed by search engines, and that several months worth of postings about customer complaints and other issues were viewable without authentication to anyone with a Web browser.

Social Engineering 304

Social Engineering Telecommunications Data privacy Engineering 304

Krebs on Security

MAY 19, 2020

In January 2019, dozens of media outlets raised the alarm about a new “megabreach” involving the release of some 773 million stolen usernames and passwords that was breathlessly labeled “the largest collection of stolen data in history.” By far the most important passwords are those protecting our email inbox(es).

Passwords 362

Passwords Accountability Hacking Password Management 362

Krebs on Security

SEPTEMBER 24, 2020

The flaw is present in most supported versions of Windows Server, from Server 2008 through Server 2019. A domain controller is a server that responds to security authentication requests in a Windows environment, and a compromised domain controller can give attackers the keys to the kingdom inside a corporate network.

Antivirus 275

Antivirus Security Intelligence Engineering Authentication 275

Krebs on Security

MARCH 2, 2021

The patches released today fix security problems in Microsoft Exchange Server 2013 , 2016 and 2019. The software giant typically releases security updates on the second Tuesday of each month, but it occasionally deviates from that schedule when addressing active attacks that target newly identified and serious vulnerabilities in its products.

Internet 342

Internet Internet Software Education 342

Krebs on Security

MARCH 26, 2024

RATE LIMITS What sanely designed authentication system would send dozens of requests for a password change in the span of a few moments, when the first requests haven’t even been acted on by the user? Apple fixed that bug nearly four months later in December 2019, thanking Bagaria in the associated security bulletin.

Passwords 359

Passwords Accountability Engineering Phishing 359

Krebs on Security

APRIL 13, 2021

Microsoft released updates to fix four more flaws in Exchange Server versions 2013-2019 ( CVE-2021-28480 , CVE-2021-28481 , CVE-2021-28482 , CVE-2021-28483 ). Interestingly, all four were reported by the U.S. National Security Agency , although Microsoft says it also found two of the bugs internally.

Authentication 318

Authentication Backups Malware Engineering 318

The Last Watchdog

MAY 14, 2019

One of the catch phrases I overheard at RSA 2019 that jumped out at me was this: “The internet is the new corporate network.” Take authentication, for example. Threat actors are taking great advantage of the lag in upgrading authentication. After the authentication requests are processed by the directory (e.g.

Authentication 178

Authentication Digital transformation Risk Internet 178

Krebs on Security

FEBRUARY 8, 2022

Among those is CVE-2022-22005 , a weakness in Microsoft’s Sharepoint Server versions 2013-2019 that could be exploited by any authenticated user. “However, given the number of stolen credentials readily available on underground markets, getting authenticated could be trivial. .

Authentication 230

Authentication Internet Internet System Administration 230

Krebs on Security

NOVEMBER 5, 2024

At the end of 2023, malicious hackers learned that many large companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with little more than a username and password (no multi-factor authentication required). since 2017.

Cybercrime 274

Cybercrime Mobile Media Hacking 274

Troy Hunt

JULY 8, 2019

Almost 2 years ago to the day, I wrote about Passwords Evolved: Authentication Guidance for the Modern Era. This wasn't so much an original work on my behalf as it was a consolidation of advice from the likes of NIST, the NCSC and Microsoft about how we should be doing authentication today. Thanks everyone! Going live with it tomorrow.

Passwords 245

Passwords Accountability Authentication Data breaches 245

Schneier on Security

JULY 10, 2020

A criminal group called Cosmic Lynx seems to be based in Russia: Dubbed Cosmic Lynx, the group has carried out more than 200 BEC campaigns since July 2019, according to researchers from the email security firm Agari, particularly targeting senior executives at large organizations and corporations in 46 countries.

Scams 204

Scams Accountability Authentication Phishing 204

The Last Watchdog

MARCH 28, 2019

I had the chance at RSA 2019 to discuss the wider implications with Don Shin, A10 Networks’ senior product marketing manager. Here we are in 2019 and the same attack strategy continues to persist. As it now stands, CoAP does not require authentication to reply with a large response to a small request, Shin told me. Beyond DDoS.

DDOS 263

DDOS IoT DNS Internet 263

Krebs on Security

NOVEMBER 21, 2020

2019 that wasn’t discovered until April 2020. authenticate the phone call before sensitive information can be discussed. Improve 2FA and OTP messaging to reduce confusion about employee authentication attempts. This latest campaign appears to have begun on or around Nov.

Cryptocurrency 363

Cryptocurrency VPN Scams Social Engineering 363

Krebs on Security

MARCH 10, 2020

” In another thread from June 2019, an Antichat user asks if anyone has heard from Isis recently, and Isis pops up a day later to inquire what he wants. In one section of the writeup Isis claims authorship of a specific file-dumping tool, and links to a Github directory under the username “Firsov.”

Accountability 339

Accountability Advertising Hacking Cybercrime 339