Security Affairs

OCTOBER 19, 2024

This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software. concludes Sophos.

Backups 129

Backups VPN Ransomware Authentication 129

Adam Shostack

JANUARY 2, 2025

That also would include dates of birth, the last four digits of voters' Social Security numbers. I want to consider only the information security aspects of the letter , which also states that "Please be aware that any documents that are submitted to the full Commission will also be made available to the public."

Authentication 130

Authentication Accountability Information Security 130

Security Affairs

NOVEMBER 7, 2024

CVE-2024-43093 CVE-2024-43047″ reads the security bulletin published by Google. Additionally, Expedition provides automation and best practice adoption to improve security posture and operational efficiency. The vulnerability is a privilege escalation issue in the Android Framework component. Versions up to 2.3.6 and unpatched 2.3.7

Firewall 124

Firewall Authentication Accountability Risk 124

Security Affairs

NOVEMBER 29, 2024

Phishing tool Rockstar 2FA targets Microsoft 365 credentials, it uses adversary-in-the-middle (AitM) attacks to bypass multi-factor authentication. Rockstar 2FA targets Microsoft 365 accounts and bypasses multi-factor authentication with adversary-in-the-middle (AitM) attacks. ” concludes the report.

Phishing 112

Phishing Accountability Authentication Advertising 112

Krebs on Security

NOVEMBER 21, 2018

Postal Service just fixed a security weakness that allowed anyone who has an account at usps.com to view account details for some 60 million other users, and in some cases to modify account details on their behalf. A USPS brochure advertising the features and benefits of Informed Visibility. Image: USPS.com.

Accountability 278

Accountability Authentication Identity Theft Advertising 278

Security Affairs

MAY 22, 2024

A critical security vulnerability in Veeam Backup Enterprise Manager could allow threat actors to bypass authentication. A critical vulnerability, tracked as CVE-2024-29849 (CVSS score: 9.8), in Veeam Backup Enterprise Manager could allow attackers to bypass authentication.

Backups 129

Backups Authentication Accountability Software 129

Security Affairs

MARCH 30, 2025

RESURGE enables credential harvesting, account creation, and privilege escalation, copying web shells to Ivanti’s boot disk and manipulating the coreboot image for persistence. The vulnerability Ivanti impacted Ivanti Connect Secure, Policy Secure and ZTA Gateways. In January, the U.S. reads the advisory.

Malware 120

Malware Authentication Cybersecurity Encryption 120

Security Affairs

APRIL 7, 2025

Cybercriminals exploit compromised accounts for EDR-as-a-Service (Emergency Data Requests – EDR), targeting major platforms According to a detailed analysis conducted by Meridian Group, an increasingly complex and structured phenomenon, commonly referred to as EDR-as-a-Service, is taking hold in the cybersecurity landscape.

Cybercrime 138

Cybercrime Social Engineering Accountability Government 138

Security Affairs

JANUARY 25, 2025

Subaru Starlink flaw exposed vehicles and customer accounts in the US, Canada, and Japan to remote attacks. The experts explained that they exploited the flaw to gain unrestricted targeted access to all vehicles and customer accounts in the above countries. ” wrote Curry. ” added Curry. I sent the unlock command.

Hacking 124

Hacking Accountability Passwords Authentication 124

Security Affairs

JANUARY 2, 2025

The “DoubleClickjacking” exploit bypasses protections on major websites, using a double-click sequence for clickjacking and account takeover attacks. Attackers can exploit the technique to facilitate clickjacking attacks and account takeovers on almost all major websites. ” Paulos Yibelo wrote.

Accountability 117

Accountability Authentication Hacking Information Security 117

Security Affairs

JANUARY 16, 2025

Over the years, multiple security experts have identified several vulnerabilities in MikroTik routers, such as a remote code execution vulnerability detailed by VulnCheck researchers here. ” It is unclear if the DNS misconfiguration has been done by accident, or a threat actors has done it by accessing the domains registrar account.

DNS 138

DNS Malware Firmware Authentication 138

Security Affairs

APRIL 12, 2025

“The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the ‘secret_key’ value in the ‘autheticate_user’ function in all versions up to, and including, 1.0.78.”

Accountability 78

Accountability Authentication Passwords Hacking 78

Security Affairs

SEPTEMBER 18, 2023

Software development company Retool was the victim of a smishing attack that resulted in the compromise of 27 accounts of its cloud customers. Software development company Retool revealed that 27 accounts of its cloud customers were compromised as a result of an SMS-based social engineering attack.

Accountability 136

Accountability Social Engineering Authentication VPN 136

Krebs on Security

OCTOBER 20, 2023

Okta , a company that provides identity tools like multi-factor authentication and single sign-on to thousands of businesses, has suffered a security breach involving a compromise of its customer support unit, KrebsOnSecurity has learned. He said that on Oct 2., 2 was not a result of a breach in its systems. But she said that by Oct.

Social Engineering 355

Social Engineering Engineering Accountability Hacking 355

Security Affairs

APRIL 12, 2024

Roku announced that 576,000 accounts were compromised in a new wave of credential stuffing attacks. Roku announced that 576,000 accounts were hacked in new credential stuffing attacks, threat actors used credentials stolen from third-party platforms. Then, they enter those accounts to abuse permissions, siphoning out data, or both.

Accountability 132

Accountability Passwords Data breaches Authentication 132

Security Affairs

OCTOBER 29, 2024

The cybersecurity firm’s recommendations for malware victims are: Consult an expert : For thorough malware removal and system security, seek professional help if needed. Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication.

Identity Theft 124

Identity Theft Passwords Malware Banking 124

Security Affairs

MAY 29, 2024

A credential stuffing attack is a type of cyber attack where hackers use large sets of username and password combinations, typically obtained from previous data breaches, phishing campaigns, or info-stealer infections, to gain unauthorized access to user accounts on various online services. ” reads advisory. ” reads advisory.

Authentication 124

Authentication Accountability Passwords Data breaches 124

Security Affairs

NOVEMBER 8, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added a Palo Alto Expedition Missing Authentication Vulnerability, tracked as CVE-2024-5910 , to its Known Exploited Vulnerabilities (KEV) catalog. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, RCE)

Firewall 115

Firewall Authentication Internet Internet 115

Daniel Miessler

MAY 14, 2020

Good passwords are long, random, and unique to each account, which means it’s impossible for a human to manage them on their own. Pick either 1Password or LastPass , go through all your accounts, and for each one…reset the password to something created by (and stored in) your password manager. Automatic Logins Using Lastpass.

Risk 345

Risk Passwords Password Management Accountability 345

Security Affairs

NOVEMBER 17, 2024

The Really Simple Security plugin, formerly Really Simple SSL, is a popular WordPress tool that enhances website security with features like login protection, vulnerability detection, and two-factor authentication. Wordfence’s researcher István Márton discovered the vulnerability on November 6, 2024. and up to 9.1.1.1

Authentication 73

Authentication Accountability Hacking Information Security 73

Security Affairs

SEPTEMBER 25, 2022

Threat actors target GitHub users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. GitHub is warning of an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform.

Accountability 127

Accountability Phishing Authentication Passwords 127

Security Affairs

OCTOBER 20, 2021

The researchers identified around 15,000 actor accounts, most of which were created for this campaign. Once delivered on the targets’ systems, the malware was used to steal their credentials and browser cookies which allowed the attackers to hijack the victims’ accounts in pass-the-cookie attacks. Pierluigi Paganini.

Accountability 144

Accountability Malware Phishing Social Engineering 144

Security Affairs

JULY 31, 2024

BingoMod is a new Android malware that can wipe devices after stealing money from the victims’ bank accounts. Researchers at Cleafy discovered a new Android malware, called ‘BingoMod,’ that can wipe devices after successfully stealing money from the victims’ bank accounts.

Banking 141

Banking Accountability Malware Mobile 141

Security Affairs

JULY 24, 2022

million Twitter accounts that were obtained by exploiting a now-fixed vulnerability in the popular social media platform. The bug exists due to the proccess of authorization used in the Android Client of Twitter, specifically in the procces of checking the duplication of a Twitter account.” Threat actor leaked data of 5.4

Accountability 143

Accountability Advertising Authentication Hacking 143

Security Affairs

NOVEMBER 5, 2024

The Android malware is designed to initiate account takeovers and carry out fraudulent money transfers from infected devices. Using On-Device Fraud (ODF) techniques, it bypasses bank security measures, including identity verification and behavioral detection. . ” reads the report published by Cleafy.

Banking 120

Banking Malware Accountability Authentication 120

Krebs on Security

APRIL 27, 2023

Customers can access a Salesforce Community website in two ways: Authenticated access (requiring login), and guest user access (no login required). This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information.

Banking 338

Banking Government Information Security Authentication 338

Security Affairs

APRIL 6, 2025

Musielak warned of the rising threat of mass identity theft, fraudulent credit applications, and fake account creation, which are now more scalable with generative AI. Notably, within hours of Musielaks demonstration, ChatGPT started rejecting comparable prompts, referencing its safety policies against generating fake documents.

Identity Theft 145

Identity Theft Insurance Banking Authentication 145

Security Affairs

JULY 27, 2022

Researchers uncovered an ongoing operation, codenamed DUCKTAIL that targets Facebook Business and Ad Accounts. Researchers from WithSecure (formerly F-Secure Business) have discovered an ongoing operation, named DUCKTAIL, that targets individuals and organizations that operate on Facebook’s Business and Ads platform.

Accountability 131

Accountability Malware Media Marketing 131

Security Affairs

SEPTEMBER 7, 2024

A critical flaw in the LiteSpeed Cache plugin for WordPress could allow unauthenticated users to take control of arbitrary accounts. The LiteSpeed Cache plugin is a popular caching plugin for WordPress that accounts for over 5 million active installations. ” concludes the report.

Accountability 132

Accountability Authentication Hacking Information Security 132

SecureWorld News

DECEMBER 12, 2024

Trey Ford, Chief Information Security Officer at Bugcrowd, observed, "This incident may not have been made public if it wasn't for the Form 8-K requirement." Scobey recommends: Privileged Access Management (PAM): Restrict access to sensitive systems to essential personnel and monitor privileged accounts for unusual activity.

Password Management 109

Password Management Passwords CISO Cybersecurity 109

Security Affairs

FEBRUARY 3, 2025

Google as usual did not share details about the attacks exploiting the above vulnerability, The vulnerability is a privilege escalation security flaw in the Kernel’s USB Video Class driver. An authenticated local attacker could exploit the flaw to elevate privileges in low-complexity attacks. ” reads the advisory. .

Media 114

Media Authentication Hacking Accountability 114

Krebs on Security

APRIL 14, 2019

The ne’er-do-well who set up the account below has been paying $550 a month for a Land Lordz “basic plan” subscription at landlordz[.]site The site looks exactly like the real Airbnb, includes pictures of the requested property, and steers visitors toward signing in or to creating a new account. co.uk , airbnb.pt-anuncio[.]com

Scams 271

Scams Advertising Accountability Phishing 271

Security Affairs

JANUARY 15, 2025

Instead, only an HMAC (hash-based message authentication code) is logged in AWS CloudTrail. The ransomware group’s note warns that any changes to account permissions or files will end negotiations. As always, customers can contact AWS Support with any questions or concerns about the security of their account.

Encryption 116

Encryption Ransomware Authentication Accountability 116

Security Affairs

JANUARY 4, 2024

An internet outage impacted Orange Spain after a hacker gained access to the company’s RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the RIPE account of Orange Spain and misconfigured the BGP routing causing an internet outage. I have fixed your RIPE admin account security.

Internet 130

Internet Internet Accountability Passwords 130

SecureWorld News

MARCH 20, 2025

Attackers are mimicking tournament brackets, betting promotions, and registration formstricking users into handing over credentials or linking bank accounts to fraudulent sites. A simple click on what seems like an innocent bracket challenge or promo offer can lead to compromised financial accounts before tipoff.

Scams 83

Scams Social Engineering Mobile Phishing 83

Security Affairs

FEBRUARY 18, 2025

Xerox VersaLink C7025 Multifunction printer flaws could allow attackers to capture authentication credentials via pass-back attacks via LDAP and SMB/FTP services. This attack requires access to the MFP printer admin account and an already configured LDAP service. ” reads the report published by Rapid7.

Firmware 65

Firmware Authentication Accountability Passwords 65

Joseph Steinberg

JANUARY 4, 2023

The term Zero Trust refers to a concept, an approach to information security that dramatically deviates from the common approach of yesteryear; Zero Trust states that no request for service is trusted, even if it is issued by a device owned by the resource’s owner, and is made from an internal, private network belonging to the same party.

Architecture 361

Architecture Artificial Intelligence Encryption Cybersecurity 361