Security Affairs

AUGUST 7, 2019

At the time of its discovery, operators added 8 new exploits, but a few weeks later the popular expert Larry Cashdollar from Akamai’s Security Intelligence Response Team (SIRT) discovered a variant that included a total of 26 exploits. Authentication Bypass / Remote Command Execution EnGenius EnShare IoT Gigabit Cloud Service 1.4.11

Wireless 81

Wireless IoT Advertising Surveillance 81

Security Affairs

JULY 28, 2022

The DSIRF website states the provide services “to multinational corporations in the technology, retail, energy and financial sectors ” and that they have “ a set of highly sophisticated techniques in gathering and analyzing information. Confirm that Microsoft Defender Antivirus is updated to security intelligence update 1.371.503.0

Surveillance 93

Surveillance Malware Authentication Accountability 93

Security Affairs

JUNE 3, 2022

Threat actors were observed abusing OneDrive, for this reason, the IT giant has suspended more than 20 malicious OneDrive applications created by POLONIUM actors, notified affected organizations, and deployed a series of security intelligence updates that will quarantine malicious tools developed by the attackers.

Security Intelligence 92

Security Intelligence Hacking Antivirus Authentication 92

Security Affairs

JANUARY 19, 2022

According to the advisory published by SolarWinds, the Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. “The Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized,” reads the advisory published by SolarWinds.

Authentication 105

Authentication Hacking Ransomware Security Intelligence 105

Cisco Security

MAY 27, 2022

NOC members to query Meraki for information about network devices and their clients. NOC members to query Palo Alto Panorama for client information. Since Meraki was a new platform for much of the NOC’s staff, we wanted to make information easier to gather and enable a certain amount of self-service. drakefollow[.]com.

Malware 86

Malware Accountability DNS Technology 86

Security Affairs

OCTOBER 6, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. The Zerologon vulnerability, tracked as CVE-2020-1472 , is an elevation of privilege that resides in the Netlogon.

Authentication 105

Authentication Advertising Architecture Cyber Attacks 105

Security Affairs

OCTOBER 29, 2020

. “Phosphorus, an Iranian actor, has targeted with this scheme potential attendees of the upcoming Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia.” Get details here: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 28, 2020. Data was exfiltrated to the de-ma[.]online

Hacking 72

Hacking Security Intelligence Advertising Accountability 72

Security Affairs

NOVEMBER 17, 2021

Over the past year, Microsoft Threat Intelligence Center (MSTIC) has observed an evolution of the tools, techniques, and procedures employed by Iranian nation-state actors. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

VPN 108

VPN Social Engineering Accountability Media 108

Lenny Zeltser

MAY 3, 2019

Enabling two-factor authentication is perhaps the most important step toward resisting such tactics (attackers have intercepted SMS codes, so use other methods, if possible). More broadly: Enable two-factor authentication everywhere. Require authentication for printer, server, computer, and device access even on local networks.

Cybersecurity 111

Cybersecurity Social Engineering Authentication Software 111