Security Affairs

JUNE 16, 2024

Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models. ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), impacting seven router models. impacting multiple devices.

Authentication 130

Authentication Firmware VPN Manufacturing 130

Security Affairs

MAY 29, 2024

The advisory published by the company states that the attacks targeted the endpoints supporting the cross-origin authentication feature, the attacks hit several customers. The identity and access management firm observed suspicious activity that started on April 15. ” reads advisory. ” reads advisory.

Authentication 125

Authentication Accountability Passwords Data breaches 125

Krebs on Security

APRIL 27, 2023

Customers can access a Salesforce Community website in two ways: Authenticated access (requiring login), and guest user access (no login required). This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information.

Banking 330

Banking Government Information Security Authentication 330

Joseph Steinberg

JANUARY 4, 2023

The term Zero Trust refers to a concept, an approach to information security that dramatically deviates from the common approach of yesteryear; Zero Trust states that no request for service is trusted, even if it is issued by a device owned by the resource’s owner, and is made from an internal, private network belonging to the same party.

Architecture 357

Architecture Artificial Intelligence Encryption Cybersecurity 357

Daniel Miessler

MAY 14, 2020

Enable two-factor authentication on all critical accounts. For your most important accounts—such as those controlling your email account, your bank, and your mobile phone account—you should enable two-factor authentication. That means your computers, laptops, phones, gaming systems, smart home appliances, etc. Everything.

Risk 345

Risk Password Management Passwords Accountability 345

Security Affairs

FEBRUARY 21, 2024

VMware urges customers to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the disclosure of a critical flaw CVE-2024-22245. VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the discovery of an arbitrary authentication relay flaw CVE-2024-22245 (CVSS score: 9.6).

Authentication 141

Authentication Ransomware Software Information Security 141

Krebs on Security

AUGUST 23, 2024

The proliferation of new top-level domains (TLDs) has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didn’t exist at the time. ” Caturegli said setting up an email server record for memrtcc.ad

DNS 310

DNS Internet Internet Authentication 310

Security Affairs

MARCH 11, 2024

Researchers released technical specifics and a PoC exploit for a recently disclosed flaw in Progress Software OpenEdge Authentication Gateway and AdminServer. “The Progress OpenEdge team recently identified a security vulnerability in OpenEdge Release 11.7.18 If a match occurs, authentication is granted.

Software 137

Software Authentication Passwords Engineering 137

Joseph Steinberg

JANUARY 20, 2022

Zero Trust is a concept, an approach to information security that dramatically deviates from the approach commonly taken at businesses worldwide by security professionals for many years. And, of course, they must know, and be able to strongly authenticate, any human users as well.

Cybersecurity 362

Cybersecurity Artificial Intelligence Ransomware Social Engineering 362

The Last Watchdog

JANUARY 6, 2022

But they have more disadvantages than benefits if we talk about ensuring information security. G-71 created the state-of-the-art information security solution LeaksID to protect private and corporate documents from illegal access, complementing DLP systems. Yes, they are cheap to apply. They can be dynamic.

Marketing 279

Marketing Software Surveillance Information Security 279

Krebs on Security

APRIL 11, 2024

On April 10, Sisense Chief Information Security Officer Sangram Dash told customers the company had been made aware of reports that “certain Sisense company information may have been made available on what we have been advised is a restricted access server (not generally available on the internet.)”

CISO 288

CISO Encryption Telecommunications Financial Services 288

Krebs on Security

OCTOBER 20, 2023

Okta , a company that provides identity tools like multi-factor authentication and single sign-on to thousands of businesses, has suffered a security breach involving a compromise of its customer support unit, KrebsOnSecurity has learned. Maiffret said BeyondTrust followed up with Okta on Oct. But she said that by Oct.

Social Engineering 329

Social Engineering Engineering Accountability Hacking 329

Security Affairs

OCTOBER 17, 2024

The vulnerability is an authenticated SQL injection vulnerability in HCX, it was privately reported to VMware by Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) through the Trend Micro Zero Day Initiative (ZDI). “An authenticated SQL injection vulnerability in HCX was privately reported to VMware.

Authentication 131

Authentication Mobile Hacking Information Security 131

Security Affairs

OCTOBER 20, 2024

An authenticated attacker, with Manager role privileges or higher, could exploit the vulnerability CVE-2024-45844 to elevate privileges and compromise the BIG-IP system. “An authenticated attacker may exploit this vulnerability by storing malicious HTML or JavaScript code in the BIG-IQ user interface.

Authentication 137

Authentication Hacking Technology Information Security 137

Security Affairs

SEPTEMBER 16, 2024

. “If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution.” Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.”

Authentication 135

Authentication Hacking Information Security 135

The Last Watchdog

APRIL 4, 2022

SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. To protect against these attacks, businesses need to implement a wide range of strong API security measures such as authentication, authorization, encryption, and vulnerability scanning.

Hacking 222

Hacking Penetration Testing Data breaches Authentication 222

Security Affairs

DECEMBER 28, 2023

Experts warn of an authentication bypass zero-day flaw that affects Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. Experts warn of a zero-day flaw that affects Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. For this reason, removing the XML RPC code did not completely patch the flaw.

Authentication 140

Authentication Passwords Hacking Software 140

Krebs on Security

OCTOBER 30, 2024

The chief information security officer for a large academic healthcare system affected by the breach told KrebsOnSecurity they participated in a call with the FBI and were told a third party partner managed to recover at least four terabytes of data that was exfiltrated from Change by the cybercriminal group. .”

Healthcare 283

Healthcare Insurance Computers and Electronics Data breaches 283

Security Affairs

OCTOBER 21, 2024

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. Internet Archive Zendesk emails sent by the threat actor Source: BleepingComputer The message highlights a poor security posture by the Internet Archive.

Internet 128

Internet Internet Data breaches Authentication 128

Security Affairs

SEPTEMBER 11, 2024

could allow a remote authenticated attacker with admin privileges to execute arbitrary code on the core server. AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H CWE-89 CVE-2024-8320 Missing authentication in Network Isolation of Ivanti EPM before {fix version} allows a remote unauthenticated attacker to spoof Network Isolation status of managed devices.

Software 130

Software Authentication IoT Hacking 130

Security Affairs

SEPTEMBER 18, 2024

To protect against attacks like Credential Flusher, it is essential to adopt a series of security measures: Use updated antivirus software: Ensure that your security software is always up to date to detect and block the latest threats. Always verify the authenticity of received communications.

Passwords 127

Passwords Identity Theft Education Authentication 127

Security Affairs

DECEMBER 11, 2024

Ivanti addressed a critical authentication bypass vulnerability impacting its Cloud Services Appliance (CSA) solution. Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-11639 (CVSS score of 10), in its Cloud Services Appliance (CSA) solution. ” reads the advisory published by the company.

Authentication 101

Authentication Software Hacking Information Security 101

Security Affairs

SEPTEMBER 25, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Virtual Traffic Manager vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Virtual Traffic Manager authentication bypass vulnerability CVE-2024-7593 (CVSS score of 9.8)

Authentication 133

Authentication Software Internet Internet 133

Security Affairs

MAY 2, 2024

Threat actors breached the Dropbox Sign production environment and accessed customer email addresses and hashed passwords Cloud storage provider DropBox revealed that threat actors have breached the production infrastructure of the DropBox Sign eSignature service and gained access to customer information and authentication data.

Hacking 133

Hacking Passwords Authentication Accountability 133

Security Affairs

MARCH 5, 2024

Below are the descriptions for these vulnerabilities: CVE-2024-27198 is an authentication bypass vulnerability in the web component of TeamCity that arises from an alternative path issue ( CWE-288 ) and has a CVSS base score of 9.8 ” reads the advisory published by JetBrains. ” reads the advisory published by JetBrains.

Software 136

Software Authentication Hacking Information Security 136

Security Affairs

NOVEMBER 7, 2024

CVE-2024-43093 CVE-2024-43047″ reads the security bulletin published by Google. Additionally, Expedition provides automation and best practice adoption to improve security posture and operational efficiency. The vulnerability is a privilege escalation issue in the Android Framework component. Versions up to 2.3.6 and unpatched 2.3.7

Firewall 125

Firewall Authentication Accountability Risk 125

Security Affairs

JANUARY 12, 2024

According to researchers, the leak revealed an authentication server with login details and information on Liquipedia’s users along with authentication details for Liquipedia admins. A part of the exposed information was contained in a user collection weighing 77MB, containing data on nearly 119,000 users.

Authentication 139

Authentication Media Accountability Encryption 139

Security Affairs

MARCH 29, 2024

Securing Default Remote Access VPN Profiles when the default remote access VPN connection profiles/tunnel groups DefaultRAGroup a nd DefaultWEBVPNGroup are not used. Use Certificate-based authentication for RAVPN Using certificates for authentication because provide a more robust approach compared to the use of credentials.

Firewall 131

Firewall Passwords VPN Authentication 131

Security Affairs

AUGUST 22, 2024

GitHub addressed three vulnerabilities in its GitHub Enterprise Server product, including a critical authentication flaw. GitHub addressed three security vulnerabilities impacting the GitHub Enterprise Server (GHES), including a critical flaw tracked as CVE-2024-6800 (CVSS score of 9.5).

Authentication 127

Authentication Hacking Accountability Information Security 127

Security Affairs

NOVEMBER 13, 2024

is a buffer overflow issue that an authenticated attacker could exploit. “Buffer overflow in some Zoom Apps may allow an authenticated user to conduct an escalation of privilege via network access.” is an improper input validation issue that can be exploited remotely without authentication.

Authentication 115

Authentication Mobile Hacking Information Security 115

Security Affairs

JULY 10, 2024

An authenticated malicious user can exploit the flaw by entering specially crafted SQL queries and perform unauthorised read/write operations in the database. “An authenticated malicious user could enter specially crafted SQL queries and perform unauthorised read/write operations in the database.”

Authentication 134

Authentication Government Hacking Information Security 134

The Last Watchdog

FEBRUARY 21, 2022

Remember to implement and enforce these suggestions with the traditional Information Security principles we all need to remain secure: good access control (passwords, multifactor authentication, least privilege rights), patch management, frequent backups, and audit logs. Be brilliant at these basics, but don’t stop there.

Healthcare 214

Healthcare Cyber Attacks Education Social Engineering 214

Security Affairs

FEBRUARY 9, 2024

Ivanti warns customers of a new authentication bypass vulnerability in its Connect Secure, Policy Secure, and ZTA gateway devices. “An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, x), Ivanti Policy Secure (9.x, x), Ivanti Policy Secure (9.x,

Authentication 132

Authentication Software Internet Internet 132

Security Affairs

JUNE 11, 2024

A proof-of-concept (PoC) exploit code for a Veeam Backup Enterprise Manager authentication bypass flaw CVE-2024-29849 is publicly available. Researcher Sina Kheirkha analyzed the Veeam Backup Enterprise Manager authentication bypass flaw CVE-2024-29849 and a proof of concept exploit for this issue.

Backups 134

Backups Authentication Software Hacking 134

Security Affairs

OCTOBER 19, 2024

Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software. In each of the cases, attackers initially accessed targets using compromised VPN gateways without multifactor authentication enabled. Overlapping indicators link these cases to prior Fog and Akira ransomware attacks.

Backups 130

Backups VPN Ransomware Authentication 130

Security Affairs

JULY 12, 2024

Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue. Additionally, Expedition provides automation and best practice adoption to improve security posture and operational efficiency. ” The remaining issues addressed by the security vendor are: 6.8

Authentication 131

Authentication Firewall Accountability Hacking 131

Security Affairs

APRIL 16, 2024

Cisco Talos warns of large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.

VPN 140

VPN Firewall Authentication Hacking 140