Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 130

Backups VPN Ransomware Authentication 130

Security Affairs

NOVEMBER 13, 2024

Two of these vulnerabilities, tracked as CVE-2024-45421 and CVE-2024-45419, are high-severity issues that remote attackers could exploit to escalate privileges or leak sensitive information. The vulnerability CVE-2024-45421 (CVSS score of 8.5) is a buffer overflow issue that an authenticated attacker could exploit.

Authentication 114

Authentication Mobile Hacking Information Security 114

Security Affairs

DECEMBER 11, 2024

Ivanti addressed a critical authentication bypass vulnerability impacting its Cloud Services Appliance (CSA) solution. Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-11639 (CVSS score of 10), in its Cloud Services Appliance (CSA) solution. ” reads the advisory published by the company.

Authentication 105

Authentication Software Hacking Information Security 105

Security Affairs

NOVEMBER 2, 2024

Hackers are exploiting two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics cameras. Threat actors are attempting to exploit two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957 , in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras, GretNoise researchers warn.

Firmware 121

Firmware Manufacturing IoT Healthcare 121

Security Affairs

FEBRUARY 19, 2025

Palo Alto Networks warns that threat actors are chaining the vulnerability CVE-2025-0111 with two other vulnerabilities, tracked as CVE-2025-0108 with CVE-2024-9474 , to compromise PAN-OS firewalls. Attackers are chaining them with the CVE-2025-0108 with CVE-2024-9474 issues. ” reads the updated bulletin published by the vendor.

Firewall 105

Firewall Authentication Architecture Internet 105

Security Affairs

OCTOBER 23, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the Fortinet FortiManager missing authentication vulnerability CVE-2024-47575 (CVSS v4 score: 9.8) A missing authentication flaw in FortiManager and FortiManager Cloud versions allows attackers to execute arbitrary code or commands through specially crafted requests.

Authentication 125

Authentication Malware Risk Cybersecurity 125

Security Affairs

DECEMBER 6, 2024

Cybersecurity and Infrastructure Security Agency (CISA)added the CyberPanelflaw CVE-2024-51378 (CVSS score: 10.0) Remote attackers could bypass authentication and execute arbitrary commands by exploiting a flaw in secMiddleware , which only validates POST requests. . to its Known Exploited Vulnerabilities (KEV) catalog.

DNS 109

DNS Authentication Ransomware Hacking 109

Security Affairs

FEBRUARY 19, 2025

The second vulnerability, tracked CVE-2025-26466 (CVSS score: 5.9), affects both the OpenSSH client and server, allowing a pre-authentication denial-of-service attack. ” The OpenSSH client and server are vulnerable (CVE-2025-26466) to a pre-authentication denial-of-service (DoS) attack.

Authentication 121

Authentication System Administration DNS Hacking 121

Security Affairs

FEBRUARY 3, 2025

The February 2025 Android security updates addressed 48 vulnerabilities, including a kernel zero-day flaw exploited in the wild. The February 2025 Android security updates addressed 48 vulnerabilities, including a zero-day flaw, tracked as CVE-2024-53104 , which is actively exploited in attacks in the wild.

Media 114

Media Authentication Hacking Accountability 114

Security Affairs

FEBRUARY 20, 2025

Citrix released security updates to address a high-severity security vulnerability, tracked as CVE-2024-12284 (CVSS score of 8.8) The company pointed out that only authenticated users with existing access to the NetScaler Console can exploit this vulnerability. ” reads the advisory. NetScaler Console 14.1

Authentication 118

Authentication Software Hacking Information Security 118

Security Affairs

OCTOBER 11, 2024

As of September 5, 2024, the Internet Archive held more than 42.1 HIBP permalink: [link] pic.twitter.com/Oc2Qvrh6Ov — HackManac (@H4ckManac) October 10, 2024 The threat actors that breached the popular website have shared a copy of the stolen data with the data breach notification service Have I Been Pwned data.

Data breaches 121

Data breaches Internet Internet DDOS 121

Security Affairs

DECEMBER 30, 2024

Cisco confirmed the authenticity of the 4GB of leaked data, the data was compromised in a recent security breach, marking the second leak in the incident. Cisco confirmed the authenticity of the 4GB of leaked data, which was compromised in a recent security breach, marking it as the second leak in the incident.

Data breaches 123

Data breaches Cybercrime Authentication Technology 123

Security Affairs

NOVEMBER 8, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added a Palo Alto Expedition Missing Authentication Vulnerability, tracked as CVE-2024-5910 , to its Known Exploited Vulnerabilities (KEV) catalog.

Firewall 116

Firewall Authentication Internet Internet 116

Security Affairs

MARCH 18, 2025

The vulnerability is an authentication bypass issue that could allow a remote attacker to gain super-admin privileges by making maliciously crafted CSF proxy requests. An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0

Authentication 115

Authentication Ransomware Firewall Hacking 115

Security Affairs

FEBRUARY 24, 2025

A botnet of 130,000+ devices is attacking Microsoft 365 accounts via password-spraying, bypassing MFA by exploiting basic authentication. The attackers targeted accounts protected with basic authentication bypassing multi-factor authentication. Despite Microsoft phasing it out, it remains an active security risk.

Passwords 120

Passwords Accountability Authentication Malware 120

Security Affairs

MAY 22, 2024

A critical security vulnerability in Veeam Backup Enterprise Manager could allow threat actors to bypass authentication. A critical vulnerability, tracked as CVE-2024-29849 (CVSS score: 9.8), in Veeam Backup Enterprise Manager could allow attackers to bypass authentication.

Backups 130

Backups Authentication Accountability Software 130

Security Affairs

FEBRUARY 26, 2025

The two vulnerabilities are: CVE-2023-34192 Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability The first vulnerability, CVE-2023-34192 (CVSS score: 9.0), is a cross-site scripting (XSS) issue in Synacor ZCS.

Authentication 101

Authentication Hacking Cybersecurity Risk 101

Security Affairs

MAY 22, 2024

GitHub addressed a vulnerability in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication. GitHub has rolled out security fixes to address a critical authentication bypass issue, tracked as CVE-2024-4985 (CVSS score: 10.0), in the GitHub Enterprise Server (GHES).

Authentication 136

Authentication Encryption Hacking Information Security 136

Security Affairs

NOVEMBER 26, 2024

Attackers can exploit the SSL VPN gateway by accessing the filesystem via an HTTP header flags attribute and a vulnerable URL without authentication. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. ” reads the advisory.

VPN 111

VPN Authentication Hacking Cybersecurity 111

Security Affairs

FEBRUARY 15, 2025

The Shadowserver Foundation researchers observed several CVE-2025-0108 attempts since 4 am UTC 2024-02-13 in their honeypots. “Organizations relying on PAN-OS firewalls should assume that unpatched devices are being targeted andtake immediate steps to secure them.“ ” states GreyNoise.

Firewall 101

Firewall Authentication Architecture Risk 101

Security Affairs

OCTOBER 21, 2024

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. Internet Archive Zendesk emails sent by the threat actor Source: BleepingComputer The message highlights a poor security posture by the Internet Archive.

Internet 127

Internet Internet Data breaches Authentication 127

Security Affairs

MARCH 18, 2025

Threat actors exploit a server-side request forgery (SSRF) flaw, tracked as CVE-2024-27564, in ChatGPT, to target US financial and government organizations. It should be noted that this vulnerability can be triggered without the need for authentication and is therefore more harmful.” ” reads the original disclosure.

Government 127

Government Healthcare Authentication Hacking 127

Security Affairs

NOVEMBER 29, 2024

Phishing tool Rockstar 2FA targets Microsoft 365 credentials, it uses adversary-in-the-middle (AitM) attacks to bypass multi-factor authentication. Rockstar 2FA targets Microsoft 365 accounts and bypasses multi-factor authentication with adversary-in-the-middle (AitM) attacks.

Phishing 113

Phishing Accountability Authentication Advertising 113

Security Affairs

MARCH 8, 2024

The three flaws fixed are: CVE-2024-21899 : an improper authentication vulnerability could allow users to compromise the security of the system via a network. CVE-2024-21900 : an injection vulnerability could allow authenticated users to execute commands via a network.

Authentication 134

Authentication Hacking Internet Internet 134

Security Affairs

OCTOBER 25, 2024

The vulnerability CVE-2024-20481 (CVSS score of 5.8) An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device. Now the company confirmed that the flaw CVE-2024-20481 is actively exploited in the wild. This vulnerability is due to resource exhaustion.

VPN 112

VPN Firewall Technology Passwords 112

Security Affairs

FEBRUARY 10, 2025

.” The group was spotted using zero-day vulnerabilities in Advantive VeraCore respectively tracked as CVE-2024-57968 (CVSS score of 9.9) CVE-2024-57968 allows remote authenticated users to upload files to unintended folders, while CVE-2025-25181 is an SQL injection flaw enabling remote SQL execution (no patch available).

Manufacturing 110

Manufacturing Cybercrime Passwords Authentication 110

Security Affairs

FEBRUARY 18, 2025

Juniper Networks addressed a critical authentication bypass vulnerability, tracked as CVE-2025-21589 (CVSS score of 9.8), affecting its Session Smart Router product. The company discovered the vulnerability during internal product security testing or research. ” reads the advisory.

Authentication 85

Authentication Hacking Information Security 85

Security Affairs

JANUARY 8, 2025

SonicWall warns customers to address an authentication bypass vulnerability in its firewall’s SonicOS that is “susceptible to actual exploitation.” The vulnerability resides in SSL VPN and SSH management and according to the vendor is “susceptible to actual exploitation.”

Firewall 114

Firewall Firmware VPN Authentication 114

Security Affairs

AUGUST 1, 2024

Shadowserver researchers reported that over 20,000 internet-exposed VMware ESXi instances are affected by the actively exploited flaw CVE-2024-37085. Researchers at the Shadowserver Foundation reported that approximately 20,000 VMware ESXi servers exposed online appear impacted by the exploited vulnerability CVE-2024-37085.

Internet 141

Internet Internet Ransomware Authentication 141

Security Affairs

SEPTEMBER 16, 2024

SolarWinds addressed a critical remote code execution vulnerability, tracked as CVE-2024-28991, in Access Rights Manager. “If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution.” and prior versions. ” reads the advisory.

Authentication 134

Authentication Hacking Information Security 134

Security Affairs

FEBRUARY 15, 2025

Cybersecurity and Infrastructure Security Agency (CISA) added Apple iOS and iPadOS and Mitel SIP Phones vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. In mid-July 2024, Miteladdressedthe vulnerability with the release offirmware updates. HF1 (R6.4.0.136). Aquabot is a Mirai-based botnet designed for DDoS attacks.

Spyware 107

Spyware DDOS Hacking Authentication 107

Security Affairs

FEBRUARY 14, 2024

Zoom addressed seven vulnerabilities in its desktop and mobile applications, including a critical flaw (CVE-2024-24691) affecting the Windows software. The vulnerability CVE-2024-24691 is an improper input validation bug that could be exploited by an attacker with network access to escalate privileges. ” reads the advisory.

Software 138

Software Authentication Mobile Hacking 138

Security Affairs

DECEMBER 27, 2024

Palo Alto Networks addressed a high-severity flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), in PAN-OS software that could cause a denial-of-service (DoS) condition. when access is limited to authenticated end users via Prisma Access. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.”

DNS 112

DNS Firewall Spyware Software 112

Security Affairs

JUNE 16, 2024

Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models. ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), impacting seven router models. impacting multiple devices.

Authentication 130

Authentication Firmware VPN Manufacturing 130

Security Affairs

NOVEMBER 17, 2024

Wordfence researchers warn of a vulnerability, tracked as CVE-2024-10924 (CVSS Score of 9.8), in the Really Simple Security plugin that affects 4M+ sites. Wordfence’s researcher István Márton discovered the vulnerability on November 6, 2024. CVE-2024-10924 impacts plugin versions from 9.0.0 and up to 9.1.1.1

Authentication 74

Authentication Accountability Hacking Information Security 74

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

Security Affairs

JANUARY 25, 2025

The duo found Subaru’s admin panel hosted on a subdomain, allowing password resets for employee accounts without confirmation, bypassing two-factor authentication. Researchers used the valid employee email to reset the password, bypass two-factor authentication, and gain access to the panels functionality. ” wrote Curry.

Hacking 125

Hacking Accountability Passwords Authentication 125