Authentication, Firmware and Security Defenses

Vulnerability Recap 6/18/24 – Patch Tuesday, Plus More Ivanti Issues

eSecurity Planet

JUNE 18, 2024

According to NIST’s National Vulnerability Database (NVD), a logic error exists in the device’s code that could lead to authentication bypass. This could allow them to make changes within the device’s firmware. The fix: Upgrade your Pixel device to the most recent security update.

Firmware

Firmware Authentication Ransomware Software

VulnRecap 1/16/24 – Major Firewall Issues Persist

eSecurity Planet

JANUARY 16, 2024

The problem: Ivanti announced two vulnerabilities that affect Ivanti Connect Secure VPN and Ivanti Policy Secure products. Potential results of the exploits include authentication bypass and command injection. According to Bitdefender, the thermostat does not validate the authenticity of a new firmware update.

Firewall

Firewall Firmware IoT Authentication

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

eSecurity Planet

SEPTEMBER 11, 2023

Alarmingly, this API lacks any form of authentication, allowing virtually anyone, even a malicious website you might visit, to send commands to the CLI. They can be remotely exploited without authentication, potentially enabling remote code execution, service disruptions, and arbitrary operations on the routers. via port 8076.

VPN

VPN Authentication Firmware Phishing

2.9 Billion Records Exposed in NPD Breach: How to Stay Safe

eSecurity Planet

AUGUST 20, 2024

Enable Multi-Factor Authentication (MFA) Even if your password is compromised, MFA adds an extra layer of security by requiring a second verification form, such as a code sent to your phone or generated by an authentication app. This can typically be done in the account settings under the security section.

Identity Theft

Identity Theft Data breaches Passwords Encryption

Vulnerability Recap 8/20/24 – Microsoft Has the Spotlight This Week

eSecurity Planet

AUGUST 20, 2024

August 12, 2024 Ivanti Runs Into Snag With Virtual Traffic Manager Type of vulnerability: Authentication bypass. The problem: Ivanti Virtual Traffic Manager has a vulnerability that could lead to authentication bypass and subsequent creation of an administrator when exploited. Install Web Help Desk version 12.8.3

Authentication

Authentication Firmware Technology Software

VulnRecap 1/22/24 – Watch Chrome, Ivanti, Citrix Issues

eSecurity Planet

JANUARY 22, 2024

The problem: The Unified Extensible Firmware Interface (UEFI) specification has an open-source network implementation, EDK II, with nine discovered vulnerabilities. The vulnerability also exists on GitHub Enterprise Server, but it can only be exploited by an authenticated user with an organization owner role. EPMM versions 11.10, 11.9

Authentication

Authentication Malware VPN Mobile

Vulnerability Recap 9/9/24 – Exploited Vulnerabilities Persist

eSecurity Planet

SEPTEMBER 9, 2024

Companies should improve security by deploying endpoint detection and response (EDR), limiting remote access, and utilizing multi-factor authentication. Manage your organization’s endpoint security through EDR solutions. The fix: Prevent these attacks by rapidly upgrading and patching all impacted software.

Firmware

Firmware Backups Firewall Risk

Vulnerability Recap 7/1/24 – Apple, GitLab, AI Platforms at Risk

eSecurity Planet

JULY 1, 2024

MOVEit Transfer had an authentication bypass that affected 2,700 instances. Apple issued updates for AirPods’ Bluetooth authentication bypass flaw. To improve security, users should update software on a regular basis, establish strong authentication procedures, and limit access to key resources.

Risk

Risk Authentication Firmware Software

Vulnerability Recap 6/24/24 – Patch Highlights Across Platforms

eSecurity Planet

JUNE 24, 2024

ASUS fixed authentication bypass and buffer overflow issues in its routers. Cybersecurity researchers discovered a buffer overflow flaw in Intel Core processor firmware causing Phoenix Technology to release patches. The problem: Security researchers reported a buffer overflow vulnerability ( CVE-2024-0762 , CVSS 7.5)

Firmware

Firmware Passwords Software Risk

How to Prevent Malware: 15 Best Practices for Malware Prevention

eSecurity Planet

OCTOBER 24, 2023

Strengthen Router Security: Enhance your router’s security by changing default login credentials. Regularly update router firmware to patch vulnerabilities and close potential avenues of attack. Android users should disable installations from unknown sources, ensuring app authenticity.

Malware

Malware Antivirus Software Passwords

Vulnerability Recap 8/12/24 – Old Vulnerabilities Unexpectedly Emerge

eSecurity Planet

AUGUST 13, 2024

If exploited, the vulnerability would allow a threat actor to execute their own code within the processor’s firmware using System Management Mode (SMM). FreeBSD, an open-source operating system project, released a security bulletin about the vulnerability, which occurs in a signal handler in sshd(8).

Firmware

Firmware Software Wireless Security Defenses

What Is Industrial Control System (ICS) Cyber Security?

eSecurity Planet

SEPTEMBER 9, 2024

Encryption and secure communication protocols: Protecting data in transit between ICS components. Patch management: Keeping software and firmware up to date to close security gaps. Firmware manipulation is particularly dangerous because it often remains undetected until significant damage occurs.

Firmware

Firmware Encryption Manufacturing Risk

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

eSecurity Planet

NOVEMBER 6, 2023

The Problem: Three flaws discovered by the Kubernetes security community carry CVSS severity scores of 7.6 Non-privileged threat actors can exploit these drivers to gain complete device control, execute arbitrary code, modify firmware, and escalate operating system privileges, posing a significant security risk.

Software

Software Education Ransomware Firmware

Vulnerability Recap 8/13/24 – Old Vulnerabilities Unexpectedly Emerge

eSecurity Planet

AUGUST 13, 2024

If exploited, the vulnerability would allow a threat actor to execute their own code within the processor’s firmware using System Management Mode (SMM). FreeBSD, an open-source operating system project, released a security bulletin about the vulnerability, which occurs in a signal handler in sshd(8).

Firmware

Firmware Software Wireless Security Defenses

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

eSecurity Planet

MAY 27, 2024

GitHub Enterprise Server and GitLab patched their authentication bypass and XSS issues. Immediately update your QNAP devices to the most recent firmware to mitigate these issues. May 21, 2024 GitHub Enterprise Server Update Fixes SAML Authentication Bypass Type of vulnerability: Authentication bypass.

Backups

Backups Authentication DDOS Engineering

How to Perform a Firewall Audit in 11 Steps (+Free Checklist)

eSecurity Planet

FEBRUARY 21, 2024

Check the Firewall Hardware & Operating System After you’ve prepared all the documentation and know everyone’s roles, one of the early steps in a firewall audit process is a hardware and firmware check. Look at the hardware to see whether it fits your company’s standards and security requirements.

Firewall

Firewall Firmware Software Risk

Vulnerability Recap 9/2/24 – Big Companies Upgrade vs Risks

eSecurity Planet

SEPTEMBER 2, 2024

Devices running SonicWall Firewall Gen5, Gen6, and Gen 7 are vulnerable to network-based threats that require no user interaction or authentication. The fix: Upgrade to SonicWall’s firmware updates for Gen 5 (to version 5.9.2.14-13o), 13o), Gen 6 (to version 6.5.4.15.116n), and Gen 7 (to any version above 7.0.1-5035).

Risk

Risk Firewall Firmware Engineering

Vulnerability Recap 6/10/24 – RCE Attacks in Major Platforms

eSecurity Planet

JUNE 10, 2024

The exploit combines an authentication bypass ( CVE-2024-4358 ) with a deserialization issue ( CVE-2024-1800 ). The authentication bypass permits the establishment of rogue admin accounts, but the deserialization flaw allows remote code execution, potentially giving attackers complete control over the affected servers.

Malware

Malware Authentication Software Telecommunications

Types of Encryption, Methods & Use Cases

eSecurity Planet

DECEMBER 7, 2023

The three innovators and MIT patented the RSA algorithm, a proprietary system available through RSA Security until its public release in 2000. The RSA algorithm remains the most popular public key cryptographic system today and introduced the concept of digital signatures for authentication outside of academia.

Encryption

Encryption Passwords Authentication Password Management

Vulnerability Recap 5/20/24 – Patch Tuesday, Chrome & D-Link

eSecurity Planet

MAY 20, 2024

doesn’t always require authentication for SSID during a Wi-Fi session. Note that some DIR-600 devices are end of life, so D-Link won’t release any firmware updates for these. This attack can occur on any operating system and Wi-Fi client.

VPN

VPN Firmware Malware Software

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

Password manager : Stores passwords securely, enforces quality, permits safe internal and external sharing, and ties into HR software for effective off-boarding of users. Multi-factor authentication : Protects stolen credentials against use by requiring more than a simple username and password combination for access to resources.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

Vulnerability Recap 7/8/24 – Intel, Cisco & More Face Risks

eSecurity Planet

JULY 8, 2024

OpenSSH resolved a signal handler race problem, Juniper Networks managed an authentication bypass, and CocoaPods faced supply chain attack concerns. Regularly update and follow secure development methods, particularly in open-source projects. Cisco discovered a command injection issue, while a side-channel attack exposed Intel CPUs.

Risk

Risk Authentication Firmware Surveillance

Advanced threat predictions for 2025

SecureList

NOVEMBER 25, 2024

One of them is CVE-2024-0204, which allows attackers to bypass authentication in the GoAnywhere MFT. Many IoT devices rely on remote servers for control, but the security practices of the companies managing these servers are often unclear, resulting in new potential attack vectors on their infrastructure.

IoT

IoT Energy and Utilities Phishing Cryptocurrency

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

eSecurity Planet

MARCH 4, 2024

February 27, 2024 Ransomware Gangs Target Unpatched ScreenConnect Servers Type of vulnerability: Authentication bypass and path traversal. Read more about how websites and application vulnerability scanners can proactively help development teams catch issues.

IoT

IoT Internet Internet Ransomware

Cyber Security Informer

Vulnerability Recap 6/18/24 – Patch Tuesday, Plus More Ivanti Issues

VulnRecap 1/16/24 – Major Firewall Issues Persist

Trending Sources

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

2.9 Billion Records Exposed in NPD Breach: How to Stay Safe

Vulnerability Recap 8/20/24 – Microsoft Has the Spotlight This Week

VulnRecap 1/22/24 – Watch Chrome, Ivanti, Citrix Issues

Vulnerability Recap 9/9/24 – Exploited Vulnerabilities Persist

Vulnerability Recap 7/1/24 – Apple, GitLab, AI Platforms at Risk

Vulnerability Recap 6/24/24 – Patch Highlights Across Platforms

How to Prevent Malware: 15 Best Practices for Malware Prevention

Vulnerability Recap 8/12/24 – Old Vulnerabilities Unexpectedly Emerge

What Is Industrial Control System (ICS) Cyber Security?

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

Vulnerability Recap 8/13/24 – Old Vulnerabilities Unexpectedly Emerge

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

How to Perform a Firewall Audit in 11 Steps (+Free Checklist)

Vulnerability Recap 9/2/24 – Big Companies Upgrade vs Risks

Vulnerability Recap 6/10/24 – RCE Attacks in Major Platforms

Types of Encryption, Methods & Use Cases

Vulnerability Recap 5/20/24 – Patch Tuesday, Chrome & D-Link

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Vulnerability Recap 7/8/24 – Intel, Cisco & More Face Risks

Advanced threat predictions for 2025

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

Stay Connected