Security Affairs

OCTOBER 9, 2023

IBM observed a credential harvesting campaign that is targeting Citrix NetScaler gateways affected by the CVE-2023-3519 vulnerability. IBM’s X-Force researchers reported that threat actors are conducting a large-scale credential harvesting campaign exploiting the recent CVE-2023-3519 vulnerability (CVSS score: 9.8)

VPN 140

VPN Authentication Cyber Attacks Passwords 140

Security Affairs

OCTOBER 2, 2023

Experts warn of threat actors actively exploiting CVE-2023-40044 flaw in recently disclosed flaw in Progress Software’s WS_FTP products. It was a bit shocking that we were able to reach the deserialization sink without any authentication.” All versions of WS_FTP Server are affected by these vulnerabilities.”

Authentication 136

Authentication Software Internet Internet 136

Security Affairs

OCTOBER 25, 2023

Citrix warned of attacks actively exploiting the vulnerability CVE-2023-4966 in NetScaler ADC and Gateway appliances. Citrix is urging administrators to secure all NetScaler ADC and Gateway appliances against the CVE-2023-4966 vulnerability, which is actively exploited in attacks. reported Citrix. reported Citrix.

Authentication 140

Authentication VPN Hacking Government 140

Security Affairs

SEPTEMBER 19, 2023

Researchers discovered approximately 12,000 Juniper SRX firewalls and EX switches vulnerable to a recently disclosed CVE-2023-36845 RCE flaw. VulnCheck researchers discovered approximately 12,000 internet-exposed Juniper SRX firewalls and EX switches that are vulnerable to the recently disclosed remote code execution flaw CVE-2023-36845.

Firewall 144

Firewall Internet Internet Authentication 144

Security Affairs

OCTOBER 18, 2023

Experts reported that the vulnerability CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been exploited in attacks since late August. On October 10, Citrix published a security bulletin related to a critical vulnerability, tracked as CVE-2023-4966, in Citrix NetScaler ADC/Gateway devices. ” reported Citrix.

Authentication 138

Authentication VPN Hacking Government 138

Security Affairs

NOVEMBER 29, 2023

Cloud identity and access management solutions provider Okta revealed additional threat actor activity linked to the October 2023 breach. Okta provided additional details about the October 2023 breach and revealed additional threat actor malicious activities. On Thursday, October 19, Okta advised customers of a security incident.

Social Engineering 138

Social Engineering Authentication Engineering Accountability 138

Security Affairs

OCTOBER 31, 2023

Researchers publicly released the exploit code for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198. ai publicly released the exploit code for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198. “[the PoC code] is an example request that bypasses authentication on vulnerable instances of IOS-XE.

Internet 143

Internet Internet Software Accountability 143

Security Affairs

OCTOBER 4, 2023

Software giant Atlassian released emergency security updates to address a critical zero-day vulnerability, tracked as CVE-2023-22515 (CVSS score 10), in its Confluence Data Center and Server software. The flaw CVE-2023-22515 is a privilege escalation vulnerability that affects Confluence Data Center and Server 8.0.0 and later.

Software 144

Software Accountability Authentication Internet 144

Security Affairs

SEPTEMBER 28, 2023

Cisco released security updates for an actively exploited zero-day flaw (CVE-2023-20109) that resides in the GET VPN feature of IOS and IOS XE software. The vulnerability resides in the Group Encrypted Transport VPN (GET VPN) feature of IOS and IOS XE. ” reads the advisory published by the IT giant.

VPN 140

VPN Software Encryption Authentication 140

Security Affairs

JUNE 29, 2023

Data protection firm Arcserve addressed an authentication bypass vulnerability in its Unified Data Protection (UDP) backup software. Data protection vendor Arcserve addressed a high-severity bypass authentication flaw, tracked as CVE-2023-26258, in its Unified Data Protection (UDP) backup software. Arcserve released UDP 9.1

Authentication 98

Authentication Backups Ransomware Software 98

Krebs on Security

APRIL 27, 2023

Customers can access a Salesforce Community website in two ways: Authenticated access (requiring login), and guest user access (no login required). This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information.

Banking 330

Banking Government Information Security Authentication 330

Joseph Steinberg

JANUARY 4, 2023

The term Zero Trust refers to a concept, an approach to information security that dramatically deviates from the common approach of yesteryear; Zero Trust states that no request for service is trusted, even if it is issued by a device owned by the resource’s owner, and is made from an internal, private network belonging to the same party.

Architecture 361

Architecture Artificial Intelligence Encryption Cybersecurity 361

Security Affairs

AUGUST 21, 2023

Ivanti warned customers of a new critical Sentry API authentication bypass vulnerability tracked as CVE-2023-38035. The software company Ivanti released urgent security patches to address a critical-severity vulnerability, tracked as CVE-2023-38035 (CVSS score 9.8), in the Ivanti Sentry (formerly MobileIron Sentry) product.

Authentication 98

Authentication Internet Internet Mobile 98

Security Affairs

MAY 8, 2024

The issue is tracked as CVE-2023-49606 and received a CVSS score of 9.8. the code is only triggered after access list checks and authentication have succeeded. so if you use basic auth with a reasonably secure password or allow only specific trusted hosts you won’t have to worry. and Tinyproxy 1.10.0.

Internet 133

Internet Internet Authentication Passwords 133

Security Affairs

JUNE 20, 2023

Zyxel released security updates to address a critical vulnerability affecting its network-attached storage (NAS) devices. Zyxel released security updates to address a critical security flaw, tracked as CVE-2023-27992 (CVSS score: 9.8), affecting its network-attached storage (NAS) devices. in its firewall devices.

Firmware 98

Firmware Firewall Authentication VPN 98

Security Affairs

DECEMBER 3, 2023

Zyxel addressed tens of vulnerabilities that expose users to cyber attacks, including command injection and authentication bypass. The addressed issues are tracked as CVE-2023-35136 , CVE-2023-35139 , CVE-2023-37925 , CVE-2023-37926 , CVE-2023-4397 , CVE-2023-4398 , CVE-2023-5650 , CVE-2023-5797 , CVE-2023-5960.

Firewall 137

Firewall Authentication VPN Cyber Attacks 137

Security Affairs

JUNE 20, 2023

VMware is warning customers that critical remote code execution vulnerability CVE-2023-20887 is being actively exploited in attacks. “VMware has confirmed that exploitation of CVE-2023-20887 has occurred in the wild,” reads the advisory. The vulnerability CVE-2023-20887 (CVSSv3 score of 9.8)

Authentication 98

Authentication Hacking Technology Information Security 98

Security Affairs

DECEMBER 28, 2023

Experts warn of an authentication bypass zero-day flaw that affects Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. Experts warn of a zero-day flaw that affects Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. ” reads the report published by SonicWall.

Authentication 143

Authentication Passwords Hacking Software 143

Security Affairs

JANUARY 11, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added an Ivanti Connect Secure and Policy Secure flaws, tracked as CVE-2024-21887 and CVE-2023-46805 , and Microsoft SharePoint Server flaw CVE-2023-29357 to its Known Exploited Vulnerabilities (KEV) catalog. The flaw CVE-2023-46805 (CVSS score 8.2)

Authentication 135

Authentication Hacking Cybersecurity Software 135

Security Affairs

MAY 30, 2023

PyPI is going to enforce two-factor authentication (2FA) for all project maintainers by the end of this year over security concerns. Due to security concerns, PyPI will be mandating the use of two-factor authentication (2FA) for all project maintainers by the end of this year. ” reads the announcement.

Authentication 98

Authentication Accountability Hacking Malware 98

Security Affairs

AUGUST 24, 2023

Proof-of-concept exploit code for critical Ivanti Sentry authentication bypass flaw CVE-2023-38035 has been released. Researchers released a proof-of-concept (PoC) exploit code for critical Ivanti Sentry authentication bypass vulnerability CVE-2023-38035 (CVSS score 9.8). and prior. “If

Internet 98

Internet Internet Authentication Risk 98

Security Affairs

JUNE 7, 2023

Virtualization technology giant VMware released security patches to address three critical and high-severity vulnerabilities, tracked as CVE-2023-20887, CVE-2023-20888, CVE-2023-20889, in VMware Aria Operations for Networks. The vulnerability CVE-2023-20864 (CVSSv3 base score of 9.8) ” continues the advisory.

Authentication 98

Authentication Hacking Technology Information Security 98

Security Affairs

APRIL 9, 2024

running on OLED55A23LA Below is the disclosure timeline: November 01, 2023: Vendor disclosure November 15, 2023: Vendor confirms the vulnerabilities. running on OLED55A23LA Below is the disclosure timeline: November 01, 2023: Vendor disclosure November 15, 2023: Vendor confirms the vulnerabilities. Sweden, and Finland.

Hacking 143

Hacking Internet Internet Authentication 143

Security Affairs

NOVEMBER 1, 2023

US CISA added two vulnerabilities, tracked as CVE-2023-46747 and CVE-2023-46748, in BIG-IP to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerabilities CVE-2023-46747 and CVE-2023-46748 in BIG-IP to its Known Exploited Vulnerabilities catalog.

Authentication 137

Authentication Hacking Risk Cybersecurity 137

Security Affairs

MAY 21, 2024

The other vulnerabilities impacting Network Attached Storage (NAS) discovered by WatchTowr code execution, buffer overflow, memory corruption, authentication bypass, and XSS issues impacting the security of Network Attached Storage (NAS) devices across different deployment environments.

Authentication 140

Authentication Accountability Social Engineering Engineering 140

Security Affairs

JANUARY 13, 2024

Akira ransomware infections were first reported in Finland in June 2023, however, in December the number of attacks increased. ” The ransomware attack reported in late 2023, targeted organizations’ networks using poorly secured VPN gateway on Cisco ASA or FTD devices. Threat actors are wiping NAS and backup devices.

Ransomware 141

Ransomware Backups VPN Authentication 141

Security Affairs

FEBRUARY 27, 2024

Taiwanese networking vendor Zyxel addressed four vulnerabilities, respectively tracked as CVE-2023-6397 , CVE-2023-6398 , CVE-2023-6399 , and CVE-2023-6764 , in its firewalls and access points. APs affected by CVE-2023-6398 AP model Affected version Patch availability NWA50AX 6.29(ABYW.3) Patch 1 ZLD V4.32

Firewall 141

Firewall VPN Authentication Hacking 141

Security Affairs

MAY 9, 2024

Researchers from Juniper Threat Labs reported that threat actors are exploiting recently disclosed Ivanti Connect Secure (ICS) vulnerabilities CVE-2023-46805 and CVE-2024-21887 to drop the payload of the Mirai botnet. The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure. x and Ivanti Policy Secure.

Authentication 140

Authentication Backups Cyber threats Malware 140

Security Affairs

JANUARY 16, 2024

VMware addressed a critical vulnerability, tracked as CVE-2023-34063 (CVSS score 9.9), that impacted its Aria Automation platform. The issue is a missing access control vulnerability that can be exploited by an authenticated attacker actor to gain unauthorized access to remote organizations and workflows. ” reads the advisory.

Authentication 140

Authentication Government Hacking Information Security 140

Security Affairs

AUGUST 30, 2023

VMware fixed two security flaws in Aria Operations for Networks that could be exploited to bypass authentication and gain remote code execution. VMware has released security updates to address two vulnerabilities in Aria Operations for Networks, respectively tracked as CVE-2023-34039 (CVSS score: 9.8)

Authentication 133

Authentication Hacking Information Security 133

Security Affairs

DECEMBER 19, 2023

CitrixBleed is a critical vulnerability, tracked as CVE-2023-4966 , in Citrix NetScaler ADC (Application Delivery Controller) software. The vulnerability was discovered by security researchers at Positive Technologies and disclosed to Citrix in October 10, 2023. ” reads the notice of a security incident.

Authentication 137

Authentication Data breaches Passwords Internet 137

Security Affairs

NOVEMBER 15, 2023

SAP November 2023 Security Patch Day includes three new and three updated security notes. The most severe “hot news” is an improper access control vulnerability, tracked as CVE-2023-31403 (CVSS score of 9.6), that impacts SAP Business One product installation. ” reads the advisory.

Authentication 140

Authentication Hacking Software Information Security 140

Security Affairs

NOVEMBER 13, 2023

US CISA added four vulnerabilities (tracked as CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, and CVE-2023-36847) in Juniper devices to its Known Exploited Vulnerabilities catalog. ” states the update published by the company on November 8 th 2023. Customers are urged to immediately upgrade.”

Firewall 141

Firewall Authentication Internet Internet 141

Security Affairs

JANUARY 11, 2024

Software firm Ivanti reported that threat actors are exploiting two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure. 20240107.1.xml

Authentication 133

Authentication VPN Mobile Hacking 133

Security Affairs

JANUARY 29, 2024

The vulnerability CVE-2023-35636 impacting Microsoft Outlook is a Microsoft Outlook information disclosure issue that could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords. NTLMv2, which stands for NT LAN Manager version 2, is an authentication protocol used in Microsoft Windows networks.

Passwords 142

Passwords Authentication Hacking Accountability 142

Security Affairs

JANUARY 30, 2024

is a Missing Authentication for Critical Function vulnerability. An unauthenticated, network-based attacker can chain this issue with a Generation of Error Message Containing Sensitive Information vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series to access sensitive system information.

Authentication 139

Authentication Hacking Cybersecurity Information Security 139

Security Affairs

MARCH 27, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the 2023 Pwn2Own to its Known Exploited Vulnerabilities catalog. Microsoft addressed the remote code execution flaw in SharePoint Server, tracked as CVE-2023-24955 (CVSS Score 7.2), in May 2023.

Hacking 138

Hacking Authentication Cybersecurity Risk 138