Remove Authentication Remove Security Defenses Remove System Administration
article thumbnail

VulnRecap 2/26/24 – VMWare, Apple, ScreenConnect Face Risks

eSecurity Planet

The fix: System administrators are encouraged to install the Exchange Server 2019 Cumulative Update 14 (CU14), which was issued in February 2024 and enabled NTLM credentials Relay Protection. The problem: CVE-2024-22245 and CVE-2024-22250 put Windows domains vulnerable to authentication relay and session hijack attacks.

Risk 114
article thumbnail

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

eSecurity Planet

Alarmingly, this API lacks any form of authentication, allowing virtually anyone, even a malicious website you might visit, to send commands to the CLI. They can be remotely exploited without authentication, potentially enabling remote code execution, service disruptions, and arbitrary operations on the routers. via port 8076.

VPN 114
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. OpenFire vulnerability persists Open-source chat server OpenFire has been affected by an authentication bypass vulnerability (CVE-2023-32315) since May.

VPN 93
article thumbnail

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. OpenFire vulnerability persists Open-source chat server OpenFire has been affected by an authentication bypass vulnerability (CVE-2023-32315) since May.

VPN 76
article thumbnail

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

eSecurity Planet

GitHub Enterprise Server and GitLab patched their authentication bypass and XSS issues. If your system is already exposed to a DDoS attack, explore our guidelines on how to perform DDoS attack prevention in three stages. This poses serious security risks, particularly for organizations that handle sensitive data.

Backups 68
article thumbnail

What Is VLAN Tagging? Definition & Best Practices

eSecurity Planet

User Authentication: In addition to checking VLAN IDs to ensure they match and are approved for that particular VLAN, many other user authentication methods are typically used to ensure devices and users are approved for that VLAN. Trunk: The trunk port forwards and facilitates VLAN-to-VLAN communication across multiple VLANs.

article thumbnail

Vulnerability Recap 9/16/24 – Critical Endpoint Flaws Emerged

eSecurity Planet

Users should immediately update to the most recent versions by going to System Configuration > System Administration > Update Software. It’s strongly advised that you follow the company’s security hardening requirements to protect your systems further.